Re: Security vulnerabilities report to Das-U-Boot

2025-02-14 Thread Jonathan Bar Or
Please disregard the previous message, those are the actual CVE numbers:
- CVE-2025-26726: SquashFS directory table parsing buffer overflow.
- CVE-2025-26727: SquashFS inode parsing buffer overflow.
- CVE-2025-26728: SquashFS nested file reading buffer overflow.
- CVE-2025-26729: EroFS symlink reso

Re: Security vulnerabilities report to Das-U-Boot

2025-02-14 Thread Jonathan Bar Or
Hi folks. Here are the CVEs assigned by MITRE:
- CVE-2025-26721: buffer overflow in the persistent storage for file creation
- CVE-2025-26722: buffer overflow in SquashFS symlink resolution
- CVE-2025-26723: buffer overflow in EXT4 symlink resolution
- CVE-2025-26724: buffer overflow in CramFS sym

[PATCH 2/2] erofs-utils: avoid overly large temporary buffers for compressed data

2025-02-14 Thread Gao Xiang
... and use `EROFS_MAX_BLOCK_SIZE * 2` to avoid potential issues with buggy compressors. Signed-off-by: Gao Xiang --- lib/compress.c | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/compress.c b/lib/compress.c index e9a4459..da3fded 100644 --- a/lib/compress.c +++

[PATCH 1/2] erofs-utils: mkfs: add per-segment reaper for multi-threaded compression

2025-02-14 Thread Gao Xiang
Replace the old per-inode reaper to avoid unnecessary memory overhead. It also speeds up the multithreaded compression a bit. Signed-off-by: Gao Xiang --- lib/compress.c | 31 ++- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/lib/compress.c b/lib/com
