References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

ext4: check and assert if marking an no_delete evicting inode dirty

In ext4_evict_inode(), if we evicting an inode in the 'no_delete' path,
it cannot be raced by another mark_inode_dirty(). If it happens,
someone else may accidentally dirty it without holding inode refcount
and probably cause use-after-free issues in the writeback procedure.
It's indiscoverable and hard to debug, so add an WARN_ON_ONCE() to
check and detect this issue in advance.

https://git.kernel.org/stable/c/0c026f975d24701766cf4ac63995ead9f6d57a59

https://git.kernel.org/stable/c/318cdc822c63b6e2befcfdc2088378ae6fa18def

https://git.kernel.org/stable/c/9020f56a3cad1c97b81c7dab2aa67027b59c8f73

https://git.kernel.org/stable/c/91009e361e8cb2cbd1dc9496cb5fb4f8de3f4b11

https://git.kernel.org/stable/c/f1ec687ebd1bf146333955b7e209d21508c3ba9f