In the Linux kernel, the following vulnerability has been resolved:
ext4: fix possible UAF when remounting r/o a mmp-protected file system
After commit 618f003199c6 ("ext4: fix memory leak in ext4fillsuper"), after the file system is remounted read-only, there is a race where the kmmpd thread can exit, causing sbi->smmptsk to point at freed memory, which the call to ext4stopmmpd() can trip over.
Fix this by only allowing kmmpd() to exit when it is stopped via ext4stopmmpd().
Bug-Report-Link: 20210629143603.2166962-1-yebin10@huawei.com