CVE-2023-54099
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/12/2025
Last modified:
24/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

fs: Protect reconfiguration of sb read-write from racing writes

The reconfigure / remount code takes a lot of effort to protect
filesystem's reconfiguration code from racing writes on remounting
read-only. However, during remounting read-only filesystem to read-write
mode userspace writes can start immediately once we clear SB_RDONLY
flag. This is inconvenient for example for ext4 because we need to do
some writes to the filesystem (such as preparation of quota files)
before we can take userspace writes so we are clearing SB_RDONLY flag
before we are fully ready to accept userspace writes and syzbot has found
a way to exploit this [1]. Also as far as I'm reading the code
the filesystem remount code was protected from racing writes in the
legacy mount path by the mount's MNT_READONLY flag so this is a relatively
new problem. It is actually fairly easy to protect remount read-write
from racing writes using sb->s_readonly_remount flag so let's just do
that instead of having to work around these races in the filesystem code.

[1] https://lore.kernel.org/all/00000000000006a0df05f6667499@google.com/T/
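
The ordering problem described above, as an added single-threaded C model (not kernel code and not taken from the commit): it shows the window between clearing SB_RDONLY and finishing filesystem setup, and how holding a remount-in-progress flag closes it. The struct, the `model_*` functions and the flag value are assumptions made for illustration; only the names SB_RDONLY and s_readonly_remount come from the description.

```c
#include <stdbool.h>
#include <stdio.h>

#define SB_RDONLY 0x1u /* flag name from the description; value is for this model only */

struct sb_model {               /* hypothetical stand-in for struct super_block */
    unsigned flags;             /* SB_RDONLY set: filesystem is read-only */
    int s_readonly_remount;     /* nonzero: remount in progress, writers refused */
    bool fs_ready;              /* pre-write setup (e.g. quota files) finished */
};

/* Assumed write gate: admit a writer only if no remount is in progress
 * and SB_RDONLY is clear. */
static bool model_want_write(const struct sb_model *sb)
{
    return !sb->s_readonly_remount && !(sb->flags & SB_RDONLY);
}

/* Filesystem side of ro->rw: clears SB_RDONLY before its setup is done.
 * Returns true if a writer arriving in that window would be admitted. */
static bool model_fs_reconfigure_rw(struct sb_model *sb)
{
    sb->flags &= ~SB_RDONLY;
    bool admitted_early = model_want_write(sb) && !sb->fs_ready;
    sb->fs_ready = true;        /* setup writes complete */
    return admitted_early;
}

/* Generic remount path; guard=true brackets the filesystem call with the
 * flag. Real kernel code also needs memory barriers, omitted in this model. */
static bool model_remount_rw(struct sb_model *sb, bool guard)
{
    if (guard)
        sb->s_readonly_remount = 1;
    bool early = model_fs_reconfigure_rw(sb);
    sb->s_readonly_remount = 0; /* remount finished: writers may proceed */
    return early;
}

/* Runs one ro->rw remount on a fresh read-only superblock model. */
static bool early_writer_admitted(bool guard)
{
    struct sb_model sb = { SB_RDONLY, 0, false };
    return model_remount_rw(&sb, guard);
}

int main(void)
{
    printf("unguarded: early writer admitted = %d\n", early_writer_admitted(false));
    printf("guarded:   early writer admitted = %d\n", early_writer_admitted(true));
    return 0;
}
```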
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0336b42456e485fda1006b5b411e7372e20fbf03
- https://git.kernel.org/stable/c/0ccfe21949bc9f706a86ee7351b74375c0745757
- https://git.kernel.org/stable/c/295ef44a2abaf97d7a594b1d4c60d4be3738191f
- https://git.kernel.org/stable/c/4abda85197ba5d695e6040d580b4b409ce0d3733
- https://git.kernel.org/stable/c/7e4e87ec56aa6d008c64eab31b340a7c452b26cc
- https://git.kernel.org/stable/c/c541dce86c537714b6761a79a969c1623dfa222b



