CVE-2022-49414

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the race condition between ext4 write and ext4 convert inline data

Description A race condition exists in the Linux kernel between ext4 write and ext4 convert inline data, which can lead to an error in the ext4 mb generate buddy function. This issue occurs due to concurrent access to the same data structure by multiple threads, specifically when the locks held by ext4 convert inline data (xattr sem) and generic perform write (i rwsem) are acquired in a way that allows for concurrent execution. The error manifests as an inconsistent block bitmap and bg descriptor in the ext4 file system, resulting in a kernel BUG.

Recommendations To resolve this issue, apply the patch that adds inode lock() for ext4 convert inline data() and moves ext4 convert inline data() in front of ext4 punch hole(), removing similar handling from ext4 punch hole().

Note: The exact version that includes the fix is not specified, so it is recommended to update to the latest version of the Linux kernel that includes this fix.