CVE-2024-57975: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability has been identified in the Linux kernel's BTRFS filesystem implementation, tracked as CVE-2024-57975. The issue relates to improper folio cleanup when rundelallocnocow() fails. This vulnerability was discovered through testing with CONFIGDEBUGVM set, where test case generic/476 demonstrated a potential kernel crash due to a VMBUGON_FOLIO assertion (Kernel Git).

The vulnerability manifests when handling dirty page ranges in the BTRFS filesystem, specifically during the NOCOW (No Copy On Write) operation. The bug occurs in scenarios involving 4K block size and 4K page size configurations. When rundelallocnocow() fails, the error handling path doesn't properly clean up folio (page) states, leading to an attempt to mark writeback on unlocked pages. This triggers a VMBUGON_FOLIO assertion, causing a kernel crash (NVD).

When triggered, this vulnerability can cause a kernel crash on systems using the BTRFS filesystem with specific configurations. The issue particularly affects systems with CONFIGDEBUGVM enabled and can lead to system instability during file operations that involve NOCOW writes (Kernel Git).

The issue has been resolved in the Linux kernel through a patch that implements proper folio cleanup. The fix includes introducing a cleanupdirtyfolios() helper function to handle dirty folio cleanup, adding proper handling for clearing folio dirty flags, and implementing correct tracking of failed COW range ends (Kernel Git).