In the Linux kernel, the following vulnerability has been resolved: btrfs:
zoned: fix lock ordering in btrfs_zone_activate() The btrfs CI reported a
lockdep warning as follows by running generic generic/129. WARNING:
possible circular locking dependency detected 6.7.0-rc5+ #1 Not tainted
------------------------------------------------------ kworker/u5:5/793427
is trying to acquire lock: ffff88813256d028 (&cache->lock){+.+.}-{2:2}, at:
btrfs_zone_finish_one_bg+0x5e/0x130 but task is already holding lock:
ffff88810a23a318 (&fs_info->zone_active_bgs_lock){+.+.}-{2:2}, at:
btrfs_zone_finish_one_bg+0x34/0x130 which lock already depends on the new
lock. the existing dependency chain (in reverse order) is: -> #1
(&fs_info->zone_active_bgs_lock){+.+.}-{2:2}: … -> #0
(&cache->lock){+.+.}-{2:2}: … This is because we take
fs_info->zone_active_bgs_lock after a block_group’s lock in
btrfs_zone_activate() while doing the opposite in other places. Fix the
issue by expanding the fs_info->zone_active_bgs_lock’s critical section and
taking it before a block_group’s lock.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/b18f3b60b35a8c01c9a2a0f0d6424c6d73971dc3 (6.8-rc2)
git.kernel.org/stable/c/1908e9d01e5395adff68d9d308a0fb15337e6272
git.kernel.org/stable/c/6f74989f5909cdec9b1274641f0fa306b15bb476
git.kernel.org/stable/c/b18f3b60b35a8c01c9a2a0f0d6424c6d73971dc3
launchpad.net/bugs/cve/CVE-2023-52668
nvd.nist.gov/vuln/detail/CVE-2023-52668
security-tracker.debian.org/tracker/CVE-2023-52668
www.cve.org/CVERecord?id=CVE-2023-52668