Commit 9e2f9d34dd12 ("erofs: handle overlapped pclusters out of crafted
images properly") fixes CVE-2024-47736 [1] but brings another problem [2].
So commit 1a2180f6859c ("erofs: fix PSI memstall accounting") should be
backported too.
The backport follows linux 6.6.y conflict resolution changes of
struct folio -> struct page from 1bf7e414cac3 ("erofs: handle overlapped
pclusters out of crafted images properly").
---
v2: Corrected patch comment about a minor fix. I mistakenly assessed
the significance of the changes relative to the backport from 6.6.y.
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-47736
[2]
https://lore.kernel.org/all/cakpou+8tvsowijadw2rukyofl_cskm_suyza7me5vmlwml6...@mail.gmail.com/
Gao Xiang (2):
erofs: handle overlapped pclusters out of crafted images properly
erofs: fix PSI memstall accounting
fs/erofs/zdata.c | 66 +++++++++++++++++++++++++-----------------------
1 file changed, 34 insertions(+), 32 deletions(-)
--
2.39.5
