CVE-2024-50216: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2024-50216) was discovered in the XFS filesystem's filestream allocation mechanism. The issue specifically affects the xfs_filestream_pick_ag function, where a bug exists in the handling of last resort allocation group (AG) selection. The vulnerability was discovered and reported through the syzkaller automated testing system (Kernel Git).

The vulnerability occurs when the main loop in xfs_filestream_pick_ag fails to find a suitable allocation group (AG). The function attempts to select an online AG as a last resort, but incorrectly uses args->pag as a loop iterator while the subsequent code expects pag to be properly set. This could potentially lead to an uninitialized pag value being used. The issue stems from a regression introduced by commit f8f1ed1ab3baba which implemented the return of referenced perag from filestreams allocator (Kernel Git).

The vulnerability could potentially lead to system instability or crashes when the XFS filesystem attempts to allocate space using the filestream allocation mechanism. This particularly affects systems actively using XFS filesystem with filestream allocation enabled (Kernel Git).

The issue has been fixed by modifying the code to reuse the max_pag case for the last resort allocation and adding a check for the impossible case of no AG being available. The fix ensures that uninitialized pag values cannot escape even in theory. The patch has been tested and verified by syzkaller (Kernel Git).