
From: Konstantin Komarov <almaz.alexandrovich@paragon-software.com> mainline inclusion from mainline-v6.12-rc3 commit d178944db36b3369b78a08ba520de109b89bf2a9 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IB37AT CVE: CVE-2024-50244 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i... -------------------------------- Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to uninitialized bitmap during replay process. Reported-by: syzbot+3bfd2cc059ab93efcdb4@syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com> Conflicts: fs/ntfs3/frecord.c [Context differences.] Signed-off-by: Yongjian Sun <sunyongjian1@huawei.com> --- fs/ntfs3/frecord.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/ntfs3/frecord.c b/fs/ntfs3/frecord.c index c831153f0d70..43e7e9ce7d61 100644 --- a/fs/ntfs3/frecord.c +++ b/fs/ntfs3/frecord.c @@ -101,7 +101,8 @@ void ni_clear(struct ntfs_inode *ni) { struct rb_node *node; - if (!ni->vfs_inode.i_nlink && is_rec_inuse(ni->mi.mrec)) + if (!ni->vfs_inode.i_nlink && is_rec_inuse(ni->mi.mrec) && + !(ni->mi.sbi->flags & NTFS_FLAGS_LOG_REPLAYING)) ni_delete_all(ni); al_destroy(ni); -- 2.39.2
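
Review bot: the new `NTFS_FLAGS_LOG_REPLAYING` test in the `ni_clear()` condition has no comment explaining why `ni_delete_all(ni)` is skipped during replay, and the commit message says only "uninitialized bitmap" without naming which one. A short comment above the `if`, stating that the bitmap is not yet initialized while the log is being replayed, would keep a later cleanup from dropping the check. The description should also say what happens to an in-use record with `i_nlink == 0` that reaches this path during replay: with the check it is no longer deleted here, and nothing in this hunk shows where it is released afterwards. The message carries no Fixes: tag, so the affected range cannot be determined from the patch alone.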