2025-05-01 14:10:55
Linux
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at resolve_indirect_refs() During backref walking, at resolve_indirect_refs(), if we get an error we jump to the out label and call ulist_free() on the parents ulist, which frees all the elements in the ulist - however that does not free any inode lists that may be attached to elements, through the aux field of a ulist node, so we end up leaking lists if we have any attached to the unodes. Fix this by calling free_leaf_list() instead of ulist_free() when we exit from resolve_indirect_refs(). The static function free_leaf_list() is moved up for this to be possible and its slightly simplified by removing unnecessary code.