CVE-2022-50668

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ext4: fix deadlock due to mbcache entry corruption<br /> <br /> When manipulating xattr blocks, we can deadlock infinitely looping<br /> inside ext4_xattr_block_set() where we constantly keep finding xattr<br /> block for reuse in mbcache but we are unable to reuse it because its<br /> reference count is too big. This happens because cache entry for the<br /> xattr block is marked as reusable (e_reusable set) although its<br /> reference count is too big. When this inconsistency happens, this<br /> inconsistent state is kept indefinitely and so ext4_xattr_block_set()<br /> keeps retrying indefinitely.<br /> <br /> The inconsistent state is caused by non-atomic update of e_reusable bit.<br /> e_reusable is part of a bitfield and e_reusable update can race with<br /> update of e_referenced bit in the same bitfield resulting in loss of one<br /> of the updates. Fix the problem by using atomic bitops instead.<br /> <br /> This bug has been around for many years, but it became *much* easier<br /> to hit after commit 65f8b80053a1 ("ext4: fix race when reusing xattr<br /> blocks").