
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2024-50191 affects the Linux kernel's ext4 filesystem handling. The affected code path is reached when the filesystem is mounted with the errors=remount-ro option: on encountering a filesystem error, ext4 sets the SB_RDONLY flag on the superblock to stop further modifications. This behaviour dates back to the early ext2 days, but was recently found to bypass the locking the rest of the kernel expects around that flag (Kernel Patch).
The vulnerability stems from improper handling of the SB_RDONLY flag in the ext4 filesystem code. When filesystem errors occur, the code sets SB_RDONLY without holding the proper lock (sb->s_umount) and without going through the normal filesystem remount procedure. This can trigger warnings in the filesystem freezing code, which becomes confused by SB_RDONLY changing underneath it. The issue has a CVSS v3.1 Base Score of 5.5 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (NVD).
The vulnerability could cause filesystem freezing problems and deadlocks when the filesystem encounters errors and attempts to switch to read-only mode. It affects systems running Linux kernel versions before 5.15.168, versions from 5.16 up to (excluding) 6.1.113, versions from 6.2 up to (excluding) 6.6.57, and versions from 6.7 up to (excluding) 6.11.4 (NVD).
The issue has been fixed by removing the SB_RDONLY flag setting from the error path, since the EXT4_FLAGS_SHUTDOWN flag on the superblock is already sufficient to stop all filesystem modifications. The fix has been backported to the maintained stable kernel series. Users should update to a patched kernel. For Ubuntu 20.04 LTS, this means updating to linux-image-5.15.0-127-generic version 5.15.0-127.137~20.04.1 and related packages (Ubuntu Notice).
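The version ranges and the mount option named above can be checked mechanically. The following is an added example, not code from this database entry or from the kernel project: it reduces a `uname -r` release string to its upstream version, tests it against the NVD ranges quoted above, and scans `/proc/mounts` lines for ext4 filesystems mounted with `errors=remount-ro`, the configuration in which the affected code path is reached. The function names and the sample mount lines are constructed for this example. Because distributions backport fixes without changing the upstream version number (the Ubuntu 5.15.0-127 kernel named above is exactly such a case), a match against the upstream ranges means "consult the distribution advisory", not "vulnerable".

```python
"""Added example for CVE-2024-50191: check a kernel release against the NVD
version ranges and list ext4 mounts using errors=remount-ro. Not code from the
advisory or the kernel project; function names and sample data are constructed."""
import platform
import re

# Upstream ranges as listed by NVD for this CVE: (inclusive lower bound or
# None, exclusive upper bound), compared as (major, minor, patch) tuples.
AFFECTED_RANGES = [
    (None, (5, 15, 168)),
    ((5, 16, 0), (6, 1, 113)),
    ((6, 2, 0), (6, 6, 57)),
    ((6, 7, 0), (6, 11, 4)),
]


def parse_kernel_version(release):
    """Reduce a `uname -r` string to the upstream (major, minor, patch) triple.
    Distribution suffixes such as '-127-generic' are ignored."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError("unrecognised kernel release string: %r" % release)
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def in_affected_range(version):
    """True if the upstream version falls inside one of the published ranges."""
    for lower, upper in AFFECTED_RANGES:
        if (lower is None or version >= lower) and version < upper:
            return True
    return False


def ext4_remount_ro_mounts(proc_mounts_text):
    """Return mount points of ext4 filesystems whose mount options include
    errors=remount-ro, the setting under which the affected path is reached.
    Caveat: a remount-ro default stored in the superblock (tune2fs -e) may not
    be echoed in /proc/mounts, so an empty result is not proof of absence."""
    hits = []
    for line in proc_mounts_text.splitlines():
        fields = line.split()  # device mount_point fstype options dump pass
        if len(fields) < 4:
            continue
        mount_point, fstype, options = fields[1], fields[2], fields[3]
        if fstype == "ext4" and "errors=remount-ro" in options.split(","):
            hits.append(mount_point)
    return hits


def assess(release, proc_mounts_text):
    """Combine both checks into one report dictionary."""
    version = parse_kernel_version(release)
    return {
        "release": release,
        "upstream_version": version,
        "upstream_range_match": in_affected_range(version),
        "ext4_remount_ro_mounts": ext4_remount_ro_mounts(proc_mounts_text),
    }


# Constructed /proc/mounts sample so the example runs offline on any host.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/sdb1 /data ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
"""

if __name__ == "__main__":
    try:
        with open("/proc/mounts") as fh:
            mounts = fh.read()
    except OSError:
        mounts = SAMPLE_MOUNTS
    report = assess(platform.release(), mounts)
    for key, value in report.items():
        print("%s: %s" % (key, value))
    if report["upstream_range_match"]:
        print("upstream version is in an affected range; confirm against the "
              "distribution advisory, since backported fixes keep this number")
```

Run it directly on a Linux host to get a report for the running kernel; on other systems it falls back to the constructed mount sample. The range table is the only part tied to this CVE, so the same skeleton serves for any kernel advisory that NVD publishes as version ranges.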
Source: This report was generated using AI