CVE-2024-53234

Summary

In the Linux kernel, the following vulnerability has been resolved:

erofs: handle NONHEAD !delta[1] lclusters gracefully

syzbot reported a WARNING in iomap_iter_done: iomap_fiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80 ioctl_fiemap fs/ioctl.c:220 [inline]

Generally, NONHEAD lclusters won't have delta[1]==0, except for crafted images and filesystems created by pre-1.0 mkfs versions.

Previously, it would immediately bail out if delta[1]==0, which led to inadequate decompressed lengths (thus FIEMAP is impacted). Treat it as delta[1]=1 to work around these legacy mkfs versions.

lclusterbits > 14 is illegal for compact indexes, error out too.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd95ae5e25326092d61613acf98280270dde22778 < 75a0a6dde803e7a3af700da8da9a361b49f69ebaaffected
LinuxLinuxd95ae5e25326092d61613acf98280270dde22778 < f466641debcbea8bdf78d1b63a6270aadf9301bfaffected
LinuxLinuxd95ae5e25326092d61613acf98280270dde22778 < 480c6c7b55aeacac800bc2a0d321ff53273045e5affected
LinuxLinuxd95ae5e25326092d61613acf98280270dde22778 < daaf68fef4b2ff97928227630021d37b27a96655affected
LinuxLinuxd95ae5e25326092d61613acf98280270dde22778 < 0bc8061ffc733a0a246b8689b2d32a3e9204f43caffected
LinuxLinux96a85becb811ca2ce21a21721f1544d342ae431eaffected
LinuxLinux8c723eef989bc419585237daa467b787ddca5415affected
LinuxLinux5.4.251 < 5.5affected
LinuxLinux5.10.188 < 5.11affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux6.1.127 <= 6.1.*unaffected
LinuxLinux6.6.64 <= 6.6.*unaffected
LinuxLinux6.11.11 <= 6.11.*unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References