{"id":"CVE-2024-50229","summary":"nilfs2: fix potential deadlock with newly created symlinks","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential deadlock with newly created symlinks\n\nSyzbot reported that page_symlink(), called by nilfs_symlink(), triggers\nmemory reclamation involving the filesystem layer, which can result in\ncircular lock dependencies among the reader/writer semaphore\nnilfs-\u003ens_segctor_sem, s_writers percpu_rwsem (intwrite) and the\nfs_reclaim pseudo lock.\n\nThis is because after commit 21fc61c73c39 (\"don't put symlink bodies in\npagecache into highmem\"), the gfp flags of the page cache for symbolic\nlinks are overwritten to GFP_KERNEL via inode_nohighmem().\n\nThis is not a problem for symlinks read from the backing device, because\nthe __GFP_FS flag is dropped after inode_nohighmem() is called.  However,\nwhen a new symlink is created with nilfs_symlink(), the gfp flags remain\noverwritten to GFP_KERNEL.  Then, memory allocation called from\npage_symlink() etc.  triggers memory reclamation including the FS layer,\nwhich may call nilfs_evict_inode() or nilfs_dirty_inode().  And these can\ncause a deadlock if they are called while nilfs-\u003ens_segctor_sem is held:\n\nFix this issue by dropping the __GFP_FS flag from the page cache GFP flags\nof newly created symlinks in the same way that nilfs_new_inode() and\n__nilfs_read_inode() do, as a workaround until we adopt nofs allocation\nscope consistently or improve the locking constraints.","modified":"2026-04-16T04:31:36.238485504Z","published":"2024-11-09T10:14:39.756Z","related":["SUSE-SU-2024:4314-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4316-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50229.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1246d86e7bbde265761932c6e2dce28c69cdcb91"},{"type":"WEB","url":"https://git.kernel.org/stable/c/58c7f44c7b9e5ac7e3b1e5da2572ed7767a12f38"},{"type":"WEB","url":"https://git.kernel.org/stable/c/69548bb663fcb63f9ee0301be808a36b9d78dac3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9aa5d43ac4cace8fb9bd964ff6c23f599dc3cd24"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a1686db1e59f8fc016c4c9361e2119dd206f479a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b3a033e3ecd3471248d474ef263aadc0059e516a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c72e0df0b56c1166736dc8eb62070ebb12591447"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cc38c596e648575ce58bfc31623a6506eda4b94a"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50229.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50229"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"21fc61c73c3903c4c312d0802da01ec2b323d174"},{"fixed":"cc38c596e648575ce58bfc31623a6506eda4b94a"},{"fixed":"a1686db1e59f8fc016c4c9361e2119dd206f479a"},{"fixed":"c72e0df0b56c1166736dc8eb62070ebb12591447"},{"fixed":"69548bb663fcb63f9ee0301be808a36b9d78dac3"},{"fixed":"58c7f44c7b9e5ac7e3b1e5da2572ed7767a12f38"},{"fixed":"1246d86e7bbde265761932c6e2dce28c69cdcb91"},{"fixed":"9aa5d43ac4cace8fb9bd964ff6c23f599dc3cd24"},{"fixed":"b3a033e3ecd3471248d474ef263aadc0059e516a"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"076e4ab3279eb3ddb206de44d04df7aeb2428e09"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50229.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}