CVE-2021-28964: 
Linux Kernel vulnerability analysis and mitigation

A race condition vulnerability (CVE-2021-28964) was discovered in the getoldroot function in fs/btrfs/ctree.c in the Linux kernel through version 5.11.8. The vulnerability was discovered by Zygo Blaxell and disclosed on March 22, 2021. The issue affects the Btrfs file system implementation and stems from a lack of locking on an extent buffer before a cloning operation (NVD, Ubuntu).

The vulnerability occurs due to a race condition in the getoldroot function in fs/btrfs/ctree.c where there is insufficient locking on an extent buffer before performing a cloning operation. The issue is tracked as CID-dbcc7d57bffc. The vulnerability has a CVSS 3.1 Base Score of 4.7 (Medium) with a vector of CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (NetApp).

When successfully exploited, this vulnerability allows attackers to cause a denial of service (system crash) through a BUG assertion failure. The vulnerability specifically affects systems using the Btrfs filesystem (Debian).

The vulnerability has been fixed in various Linux distributions through security updates. For example, Ubuntu has released fixes in versions 5.8.0-55.62 for 20.10, 5.4.0-74.83 for 20.04 LTS, 4.15.0-144.148 for 18.04 LTS, and 4.4.0-223.256 for 16.04 LTS. The fix involves taking a read lock on the extent buffer before cloning it at ctree.c:getoldroot (Kernel Commit).