CVE-2022-50286

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline<br /> <br /> When converting files with inline data to extents, delayed allocations<br /> made on a file system created with both the bigalloc and inline options<br /> can result in invalid extent status cache content, incorrect reserved<br /> cluster counts, kernel memory leaks, and potential kernel panics.<br /> <br /> With bigalloc, the code that determines whether a block must be<br /> delayed allocated searches the extent tree to see if that block maps<br /> to a previously allocated cluster. If not, the block is delayed<br /> allocated, and otherwise, it isn&amp;#39;t. However, if the inline option is<br /> also used, and if the file containing the block is marked as able to<br /> store data inline, there isn&amp;#39;t a valid extent tree associated with<br /> the file. The current code in ext4_clu_mapped() calls<br /> ext4_find_extent() to search the non-existent tree for a previously<br /> allocated cluster anyway, which typically finds nothing, as desired.<br /> However, a side effect of the search can be to cache invalid content<br /> from the non-existent tree (garbage) in the extent status tree,<br /> including bogus entries in the pending reservation tree.<br /> <br /> To fix this, avoid searching the extent tree when allocating blocks<br /> for bigalloc + inline files that are being converted from inline to<br /> extent mapped.