Infinite Loop Issue in Linux Kernel's nilfs2 File System

CVE-2023-53845

What is CVE-2023-53845?

A vulnerability has been identified in the nilfs2 file system of the Linux kernel. This issue arises when a corrupted disk image is mounted, leading to an invalid virtual block address during metadata file lookup. The faulty logic in nilfs_bmap_lookup_at_level() can mistakenly indicate that a block doesn’t exist, which results in nilfs_mdt_get_block() entering an endless loop while attempting to retrieve metadata. This can lead to significant performance issues, including task hangs due to semaphore locks not being released. The recent fix reclassifies such block lookup failures as indications of metadata corruption, preventing this problematic behavior.

References