CVE-2024-38582: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-38582 is a vulnerability in the Linux kernel's NILFS2 filesystem that can cause a potential hang in nilfsdetachlog_writer() during filesystem unmount. The issue was discovered by Syzbot and reported on June 19, 2024. The vulnerability affects the Linux kernel's NILFS2 filesystem implementation (Kernel Git).

The vulnerability occurs when nilfssegctorsync() attempts to synchronize with the log writer thread after nilfssegctordestroy() has already terminated that thread. This creates a race condition during the unmount process where nilfssegctorsync() can be called from delayed iput() via nilfsevictinode() after the log writer thread termination, leading to a deadlock. The CVSS v3.1 base score for this vulnerability is 5.3 (Medium) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (CISA-ADP).

The vulnerability can result in a system hang during the unmount process of NILFS2 filesystems, potentially affecting system availability and proper cleanup of filesystem resources (NVD).

The issue has been fixed by modifying nilfssegctorsync() to return normally without synchronizing after the log writer thread terminates, and by forcing tasks that are already waiting to complete once after the thread terminates. The skipped inode metadata flushout is processed together in the subsequent cleanup work in nilfssegctordestroy(). Fixed versions are available in various Linux distributions including Ubuntu 24.04 LTS (6.8.0-40.40), Ubuntu 22.04 LTS (5.15.0-121.131), and Ubuntu 20.04 LTS (5.4.0-192.212) (Ubuntu Security).