Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:erofs: fix inconsistent per-file compression formatEROFS can select compression algorithms on a per-file basis, and eachper-file compression algorithm needs to be marked in the on-disksuperblock for initialization.However, syzkaller can generate inconsistent crafted images that usean unsupported algorithmtype for specific inodes, e.g. use MicroLZMAalgorithmtype even it's not set in `sbi->available_compr_algs`. Thiscan lead to an unexpected "BUG: kernel NULL pointer dereference" ifthe corresponding decompressor isn't built-in.Fix this by checking against `sbi->available_compr_algs` for eachm_algorithmformat request. Incorrect !erofs_sb_has_compr_cfgs presetbitmap is now fixed together since it was harmless previously.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds