Description
In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function new_inode() returns a new inode with inode->i_mapping->gfp_mask set to GFP_HIGHUSER_MOVABLE. This value includes the __GFP_FS flag, so allocations in that address space can recurse into filesystem memory reclaim. We don't want that to happen because it can consume a significant amount of stack memory. Worse than that is that it can also deadlock: for example, in several places, gfs2_unstuff_dinode() is called inside filesystem transactions. This calls filemap_grab_folio(), which can allocate a new folio, which can trigger memory reclaim. If memory reclaim recurses into the filesystem and starts another transaction, a deadlock will ensue. To fix these kinds of problems, prevent memory reclaim from recursing into filesystem code by making sure that the gfp_mask of inode address spaces doesn't include __GFP_FS. The "meta" and resource group address spaces were already using GFP_NOFS as their gfp_mask (which doesn't include __GFP_FS). The default value of GFP_HIGHUSER_MOVABLE is less restrictive than GFP_NOFS, though. To avoid being overly limiting, use the default value and only knock off the __GFP_FS flag. I'm not sure if this will actually make a difference, but it also shouldn't hurt. This patch is loosely based on commit ad22c7a043c2 ("xfs: prevent stack overflows from page cache allocation"). Fixes xfstest generic/273.
Details
Affected Packages
| Software | From version | Fixed in |
|---|---|---|
| linux | — | 6.17.0-19.19 |
| linux-allwinner-5.19 | — | — |
| linux-aws | — | 6.17.0-1009.9 |
| linux-aws-5.0 | — | — |
| linux-aws-5.11 | — | — |
| linux-aws-5.13 | — | — |
| linux-aws-5.19 | — | — |
| linux-aws-5.3 | — | — |
| linux-aws-5.8 | — | — |
| linux-aws-6.14 | — | — |
| linux-aws-6.17 | — | 6.17.0-1009.9~24.04.2 |
| linux-aws-6.2 | — | — |
| linux-aws-6.5 | — | — |
| linux-aws-6.8 | — | — |
| linux-aws-fips | — | — |
| linux-azure | — | 6.17.0-1010.10 |
| linux-azure-5.11 | — | — |
| linux-azure-5.13 | — | — |
| linux-azure-5.19 | — | — |
| linux-azure-5.3 | — | — |
| linux-azure-5.8 | — | — |
| linux-azure-6.11 | — | — |
| linux-azure-6.14 | — | — |
| linux-azure-6.17 | — | 6.17.0-1010.10~24.04.1 |
| linux-azure-6.2 | — | — |
| linux-azure-6.5 | — | — |
| linux-azure-6.8 | — | — |
| linux-azure-edge | — | — |
| linux-azure-fde | — | — |
| linux-azure-fde-5.19 | — | — |
| linux-azure-fde-6.14 | — | — |
| linux-azure-fde-6.17 | — | — |
| linux-azure-fde-6.2 | — | — |
| linux-azure-fde-6.8 | — | — |
| linux-azure-fips | — | — |
| linux-azure-nvidia | — | — |
| linux-azure-nvidia-6.14 | — | — |
| linux-bluefield | — | — |
| linux-fips | — | — |
| linux-gcp | — | 6.17.0-1009.9 |
| linux-gcp-5.11 | — | — |
| linux-gcp-5.13 | — | — |
| linux-gcp-5.19 | — | — |
| linux-gcp-5.3 | — | — |
| linux-gcp-5.8 | — | — |
| linux-gcp-6.11 | — | — |
| linux-gcp-6.14 | — | — |
| linux-gcp-6.17 | — | 6.17.0-1009.9~24.04.3 |
| linux-gcp-6.2 | — | — |
| linux-gcp-6.5 | — | — |
| linux-gcp-6.8 | — | — |
| linux-gcp-fips | — | — |
| linux-gke | — | — |
| linux-gke-4.15 | — | — |
| linux-gke-5.15 | — | — |
| linux-gke-5.4 | — | — |
| linux-gkeop | — | — |
| linux-gkeop-5.15 | — | — |
| linux-gkeop-5.4 | — | — |
| linux-hwe | — | — |
| linux-hwe-5.11 | — | — |
| linux-hwe-5.13 | — | — |
| linux-hwe-5.19 | — | — |
| linux-hwe-5.8 | — | — |
| linux-hwe-6.11 | — | — |
| linux-hwe-6.14 | — | — |
| linux-hwe-6.17 | — | 6.17.0-19.19~24.04.2 |
| linux-hwe-6.2 | — | — |
| linux-hwe-6.5 | — | — |
| linux-hwe-6.8 | — | — |
| linux-hwe-edge | — | — |
| linux-ibm | — | — |
| linux-ibm-6.8 | — | — |
| linux-intel-5.13 | — | — |
| linux-intel-iot-realtime | — | — |
| linux-lowlatency | — | — |
| linux-lowlatency-hwe-5.19 | — | — |
| linux-lowlatency-hwe-6.11 | — | — |
| linux-lowlatency-hwe-6.2 | — | — |
| linux-lowlatency-hwe-6.5 | — | — |
| linux-lowlatency-hwe-6.8 | — | — |
| linux-nvidia | — | — |
| linux-nvidia-6.11 | — | — |
| linux-nvidia-6.17 | — | 6.17.0-1018.18 |
| linux-nvidia-6.2 | — | — |
| linux-nvidia-6.5 | — | — |
| linux-nvidia-6.8 | — | — |
| linux-nvidia-lowlatency | — | — |
| linux-nvidia-tegra | — | — |
| linux-oem | — | — |
| linux-oem-5.10 | — | — |
| linux-oem-5.13 | — | — |
| linux-oem-5.14 | — | — |
| linux-oem-5.17 | — | — |
| linux-oem-5.6 | — | — |
| linux-oem-6.0 | — | — |
| linux-oem-6.1 | — | — |
| linux-oem-6.11 | — | — |
| linux-oem-6.14 | — | — |
| linux-oem-6.17 | — | 6.17.0-1017.17 |
| linux-oem-6.5 | — | — |
| linux-oem-6.8 | — | — |
| linux-oracle | — | 6.17.0-1009.9 |
| linux-oracle-5.0 | — | — |
| linux-oracle-5.11 | — | — |
| linux-oracle-5.13 | — | — |
| linux-oracle-5.3 | — | — |
| linux-oracle-5.8 | — | — |
| linux-oracle-6.14 | — | — |
| linux-oracle-6.17 | — | 6.17.0-1009.9~24.04.1 |
| linux-oracle-6.5 | — | — |
| linux-oracle-6.8 | — | — |
| linux-raspi | — | 6.17.0-1010.10 |
| linux-raspi-realtime | — | — |
| linux-raspi2 | — | — |
| linux-realtime | — | 6.17.0-1008.9 |
| linux-realtime-6.14 | — | — |
| linux-realtime-6.17 | — | 6.17.0-1008.9~24.04.1 |
| linux-realtime-6.8 | — | — |
| linux-riscv | — | 6.17.0-19.19.1 |
| linux-riscv-5.11 | — | — |
| linux-riscv-5.19 | — | — |
| linux-riscv-5.8 | — | — |
| linux-riscv-6.14 | — | — |
| linux-riscv-6.17 | — | 6.17.0-19.19.1~24.04.1 |
| linux-riscv-6.5 | — | — |
| linux-riscv-6.8 | — | — |
| linux-starfive-5.19 | — | — |
| linux-starfive-6.2 | — | — |
| linux-starfive-6.5 | — | — |
| linux-xilinx | — | — |
References
Similar Threats
- Unknown CGA-23jx-hhcx-m389
- Unknown CGA-2qp7-6757-fmgc
- Unknown CGA-2rj5-jc55-r267
- Unknown CGA-3m96-cwq8-6xmx
- Unknown CGA-3qj9-973w-fh9g
Exploit Protection
Help block exploit attempts
BotEraser is designed to detect and help reduce malicious bot traffic that may target known vulnerabilities on your site.
Try BotEraser Free →No credit card required · Results in minutes
ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.