CVE-2022-49068: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49068 is a vulnerability in the Linux kernel's btrfs filesystem that affects the direct IO write path. The issue was discovered in 2022 and involves incorrect release of delalloc (delayed allocation) amounts during direct IO write operations. The vulnerability affects Linux kernel versions prior to the patch implementation (Kernel Git).

The vulnerability occurs in the btrfsgetblocksdirectwrite() function where temporary outstanding extents are reserved using btrfsdelallocreservemetadata() or indirectly through btrfsdelallocreservespace(). The issue arises when the 'len' parameter is modified in the COW (Copy-On-Write) case, resulting in fewer outstanding extents being released than expected. This leads to a memory leak condition that manifests as outstanding extents remaining after filesystem operations (Kernel Git).

The vulnerability can result in memory leaks due to unreleased outstanding extents. This condition becomes particularly apparent during filesystem unmount operations, where it triggers warnings about remaining outstanding extents. The issue is most noticeable on filesystems of approximately 1 GiB in size, especially when attempting to allocate large extents that result in smaller allocations (Kernel Git).

The issue has been fixed by modifying the code to call btrfsdelallocreleaseextents() with the original length (prevlen) instead of the potentially modified length. The fix ensures proper cleanup of outstanding extents during direct IO write operations. Users should update to a patched kernel version that includes this fix (Kernel Git).