CVE-2024-57942

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 21/01/2025
Last modified: 15/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

netfs: Fix ceph copy to cache on write-begin

At the end of netfs_unlock_read_folio() in which folios are marked appropriately for copying to the cache (either by being marked dirty and having their private data set or by having PG_private_2 set) and then unlocked, the folio_queue struct has the entry pointing to the folio cleared. This presents a problem for netfs_pgpriv2_write_to_the_cache(), which is used to write folios marked with PG_private_2 to the cache as it expects to be able to trawl the folio_queue list thereafter to find the relevant folios, leading to a hang.

Fix this by not clearing the folio_queue entry if we're going to do the deprecated copy-to-cache. The clearance will be done instead as the folios are written to the cache.

This can be reproduced by starting cachefiles, mounting a ceph filesystem with "-o fsc" and writing to it.

Vulnerable products and versions

CPE                                              From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     6.12 (including)   6.12.10 (excluding)
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*
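
The affected version ranges listed above and the reproduction conditions in the description (a ceph filesystem mounted with "-o fsc") can be combined into a host triage check. This is an added example, not part of the advisory or the kernel patch; the function names, verdict strings and sample mount lines are constructed for illustration, and it assumes upstream version strings (distribution kernels may carry the fix under an older-looking version).

```shell
#!/bin/sh
# Added example (not from the advisory): exposure triage for CVE-2024-57942.
# Assumption: the release string follows upstream versioning; distribution
# kernels may carry the fix under an older-looking version.

# kernel_affected RELEASE: status 0 if RELEASE is in the ranges listed above.
kernel_affected() {
    case $1 in
        6.13-rc[1-6]|6.13-rc[1-6][!0-9]*) return 0 ;;
        6.13.0-rc[1-6]|6.13.0-rc[1-6][!0-9]*) return 0 ;;   # uname -r form
        6.12-rc*|6.12.0-rc*) return 1 ;;   # 6.12 pre-releases are not listed
    esac
    case ${1%%[-+]*} in                    # strip suffix such as "-amd64"
        6.12|6.12.[0-9]) return 0 ;;       # 6.12 up to, not including, 6.12.10
    esac
    return 1
}

# ceph_fsc_mounts FILE: print mount points of ceph filesystems mounted with
# "fsc". FILE uses the /proc/mounts layout; "-" reads standard input.
ceph_fsc_mounts() {
    awk '$3 == "ceph" {
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++)
            if (opt[i] == "fsc" || opt[i] ~ /^fsc=/) { print $2; break }
    }' "$1"
}

# assess RELEASE FILE: print a one-word verdict combining both checks.
assess() {
    if ! kernel_affected "$1"; then echo "kernel-not-listed"; return 0; fi
    if [ -n "$(ceph_fsc_mounts "$2")" ]; then echo "exposed"
    else echo "listed-kernel-no-fsc-mount"; fi
}

# Constructed sample in /proc/mounts layout (addresses and paths are made up).
sample_mounts() {
    cat <<'EOF'
192.0.2.10:6789:/ /mnt/cephfs ceph rw,relatime,name=admin,secret=<hidden>,fsc,acl 0 0
192.0.2.10:6789:/scratch /mnt/scratch ceph rw,relatime,name=admin,acl 0 0
/dev/sda1 / ext4 rw,relatime 0 0
EOF
}

sample_mounts | assess 6.12.5 -      # sample data, listed kernel
if [ -r /proc/mounts ]; then assess "$(uname -r)" /proc/mounts; fi   # this host
```

A verdict of "exposed" means both conditions from the description hold on a listed kernel; the hang itself additionally requires cachefiles to be running and a write to the mount.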