CVE-2024-42149

Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 30/07/2024
Last modified: 09/12/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

fs: don't misleadingly warn during thaw operations

The block device may have been frozen before it was claimed by a filesystem. Concurrently another process might try to mount that frozen block device and has temporarily claimed the block device for that purpose causing a concurrent fs_bdev_thaw() to end up here. The mounter is already about to abort mounting because they still saw an elevated bdev->bd_fsfreeze_count so get_bdev_super() will return NULL in that case.

For example, P1 calls dm_suspend() which calls into bdev_freeze() before the block device has been claimed by the filesystem. This brings bdev->bd_fsfreeze_count to 1 and no call into fs_bdev_freeze() is required.

Now P2 tries to mount that frozen block device. It claims it and checks bdev->bd_fsfreeze_count. As it's elevated it aborts mounting.

In the meantime P3 called dm_resume(). P3 sees that the block device is already claimed by a filesystem and calls into fs_bdev_thaw().

P3 takes a passive reference and realizes that the filesystem isn't ready yet. P3 puts itself to sleep to wait for the filesystem to become ready.

P2 now puts the last active reference to the filesystem and marks it as dying. P3 gets woken, sees that the filesystem is dying and get_bdev_super() fails.

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.8 (including) | 6.9.9 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:* | | |