
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2024-44972 affects the Linux kernel's BTRFS filesystem implementation. The vulnerability was discovered in the extent_write_locked_range() function where improper handling of page dirty flags in subpage and zoned cases can lead to reserved space leaks during unmount operations. This issue specifically affects systems using BTRFS with subpage and zoned storage configurations (Kernel Patch).
The vulnerability occurs due to premature clearing of page dirty flags inside extent_write_locked_range(). When handling direct I/O operations with subpage and zoned storage, the function incorrectly clears the page dirty flag while leaving subpage dirty bits set, causing a desynchronization between page and subpage dirty states. This leads to some dirty ranges being skipped during writeback operations, resulting in reserved space never being properly released. The issue has a CVSS v3.1 base score of 5.5 (Medium) with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).
The vulnerability can cause reserved data and metadata space leaks during filesystem unmount operations. This affects system resource management and can lead to improper space accounting in BTRFS filesystems. The issue is particularly impactful for systems using zoned storage devices with subpage configurations (Kernel Patch).
The issue has been fixed in the Linux kernel by modifying the extent_write_locked_range() function to not clear page dirty flags, instead relying on __extent_writepage_io() to handle the clearing of both page and subpage dirty flags accurately. The fix has been backported to multiple stable kernel versions (Kernel Patch).
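The dirty-flag desynchronization and the fix described above can be reproduced in a small user-space model. This is an added example, not kernel code or the patch itself: the toy_* names, the 64K page / 4K sector geometry and the accounting counter are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

#define SECTORS_PER_PAGE 16u     /* assumed geometry: 64K page, 4K sectors */
#define SECTOR_SIZE      4096u

struct toy_page {
    bool     page_dirty;         /* page-level dirty flag */
    unsigned subpage_dirty;      /* one dirty bit per sector */
};
static unsigned reserved_bytes;  /* space reserved for data not yet written */

/* Write out sectors [first, first + count), releasing their reservation.
 * clear_page_early models the pre-fix behaviour described on the page. */
static void toy_write_range(struct toy_page *p, unsigned first, unsigned count,
                            bool clear_page_early)
{
    if (clear_page_early)
        p->page_dirty = false;   /* sectors outside the range stay dirty */
    for (unsigned i = first; i < first + count; i++)
        if (p->subpage_dirty & (1u << i)) {
            p->subpage_dirty &= ~(1u << i);
            reserved_bytes -= SECTOR_SIZE;
        }
    if (!clear_page_early && p->subpage_dirty == 0)
        p->page_dirty = false;   /* flag cleared only with the last dirty bit */
}

/* Bytes still reserved after the last writeback pass before unmount. */
unsigned toy_leak_at_unmount(bool clear_page_early)
{
    /* Constructed state: sectors 0-3 dirty, 4 * 4K reserved for them. */
    struct toy_page p = { true, 0xFu };
    reserved_bytes = 4 * SECTOR_SIZE;
    toy_write_range(&p, 0, 2, clear_page_early);   /* write only sectors 0-1 */
    if (p.page_dirty)            /* writeback visits only pages flagged dirty */
        toy_write_range(&p, 0, SECTORS_PER_PAGE, false);
    return reserved_bytes;
}

int main(void)
{
    printf("leaked bytes: pre-fix %u, fixed %u\n",
           toy_leak_at_unmount(true), toy_leak_at_unmount(false));
    return 0;
}
```

In the pre-fix path the two sectors that were never written keep their reservation because the page is no longer flagged dirty, which is the leak that surfaces at unmount.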
Source: This report was generated using AI