| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential deadlock with newly created symlinks\n\nSyzbot reported that page_symlink(), called by nilfs_symlink(), triggers\nmemory reclamation involving the filesystem layer, which can result in\ncircular lock dependencies among the reader/writer semaphore\nnilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the\nfs_reclaim pseudo lock.\n\nThis is because after commit 21fc61c73c39 (\"don't put symlink bodies in\npagecache into highmem\"), the gfp flags of the page cache for symbolic\nlinks are overwritten to GFP_KERNEL via inode_nohighmem().\n\nThis is not a problem for symlinks read from the backing device, because\nthe __GFP_FS flag is dropped after inode_nohighmem() is called. However,\nwhen a new symlink is created with nilfs_symlink(), the gfp flags remain\noverwritten to GFP_KERNEL. Then, memory allocation called from\npage_symlink() etc. triggers memory reclamation including the FS layer,\nwhich may call nilfs_evict_inode() or nilfs_dirty_inode(). And these can\ncause a deadlock if they are called while nilfs->ns_segctor_sem is held:\n\nFix this issue by dropping the __GFP_FS flag from the page cache GFP flags\nof newly created symlinks in the same way that nilfs_new_inode() and\n__nilfs_read_inode() do, as a workaround until we adopt nofs allocation\nscope consistently or improve the locking constraints." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/nilfs2/namei.c" |
| ], |
| "versions": [ |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "cc38c596e648575ce58bfc31623a6506eda4b94a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "a1686db1e59f8fc016c4c9361e2119dd206f479a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "c72e0df0b56c1166736dc8eb62070ebb12591447", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "69548bb663fcb63f9ee0301be808a36b9d78dac3", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "58c7f44c7b9e5ac7e3b1e5da2572ed7767a12f38", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "1246d86e7bbde265761932c6e2dce28c69cdcb91", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "9aa5d43ac4cace8fb9bd964ff6c23f599dc3cd24", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "21fc61c73c3903c4c312d0802da01ec2b323d174", |
| "lessThan": "b3a033e3ecd3471248d474ef263aadc0059e516a", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "076e4ab3279eb3ddb206de44d04df7aeb2428e09", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "fs/nilfs2/namei.c" |
| ], |
| "versions": [ |
| { |
| "version": "4.5", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "4.5", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.323", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.285", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.229", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.171", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.116", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.60", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.11.7", |
| "lessThanOrEqual": "6.11.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "4.19.323" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "5.4.285" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "5.10.229" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "5.15.171" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "6.1.116" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "6.6.60" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "6.11.7" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.5", |
| "versionEndExcluding": "6.12" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "4.4.116" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/cc38c596e648575ce58bfc31623a6506eda4b94a" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/a1686db1e59f8fc016c4c9361e2119dd206f479a" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/c72e0df0b56c1166736dc8eb62070ebb12591447" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/69548bb663fcb63f9ee0301be808a36b9d78dac3" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/58c7f44c7b9e5ac7e3b1e5da2572ed7767a12f38" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/1246d86e7bbde265761932c6e2dce28c69cdcb91" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/9aa5d43ac4cace8fb9bd964ff6c23f599dc3cd24" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/b3a033e3ecd3471248d474ef263aadc0059e516a" |
| } |
| ], |
| "title": "nilfs2: fix potential deadlock with newly created symlinks", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-50229", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
