Bug 1227910 (CVE-2024-40972)

Summary: VUL-0: CVE-2024-40972: kernel: ext4: do not create EA inode under buffer lock
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Kernel Bugs <kernel-bugs>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: andrea.mattiazzo
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/413899/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-40972:4.7:(AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-07-16 09:58:11 UTC 
In the Linux kernel, the following vulnerability has been resolved:

ext4: do not create EA inode under buffer lock

ext4_xattr_set_entry() creates new EA inodes while holding buffer lock
on the external xattr block. This is problematic as it nests all the
allocation locking (which acquires locks on other buffers) under the
buffer lock. This can even deadlock when the filesystem is corrupted and
e.g. quota file is setup to contain xattr block as data block. Move the
allocation of EA inode out of ext4_xattr_set_entry() into the callers.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-40972
https://www.cve.org/CVERecord?id=CVE-2024-40972
https://git.kernel.org/stable/c/0a46ef234756dca04623b7591e8ebb3440622f0b
https://git.kernel.org/stable/c/111103907234bffd0a34fba070ad9367de058752
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-40972.mbox