CVE-2024-43885
Published: August 28, 2024Last modified: June 17, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double inode unlock for direct IO sync writes If we do a direct IO sync write, at btrfs_sync_file(), and we need to skip inode logging or we get an error starting a transaction or an error when flushing delalloc, we end up unlocking the inode when we shouldn't under the 'out_release_extents' label, and then unlock it again at btrfs_direct_write(). Fix that by checking if we have to skip inode unlocking under that label.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.106-r0) |
| Stream | linux-lts | Fixed (6.1.106-r0) |
References
- https://git.kernel.org/stable/c/1a607d22dea4f60438747705495ec4d0af2ec451
- https://git.kernel.org/stable/c/7ba27f14161fc20c4fc0051658a22ddd832eb0aa
- https://git.kernel.org/stable/c/8bd4c9220416111500c275546c69c63d42185793
- https://git.kernel.org/stable/c/d924a0be2f218501588cf463d70f1c71afea06d9
- https://git.kernel.org/stable/c/e0391e92f9ab4fb3dbdeb139c967dcfa7ac4b115