Re: [PATCH 6.1 0/2] erofs: handle overlapped pclusters out of crafted images properly

From: Gao Xiang
Date: Fri Feb 28 2025 - 21:58:14 EST

Next message: Li Ming: "Re: [PATCH v1 1/1] cxl/hdm: Verify HDM decoder capabilities after parsing"
Previous message: Yang Shi: "Re: [PATCH v2 1/4] arm64: Add BBM Level 2 cpu feature"
In reply to: Alexey Panov: "[PATCH 6.1 2/2] erofs: fix PSI memstall accounting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2025/3/1 00:51, Alexey Panov wrote:

Commit 9e2f9d34dd12 ("erofs: handle overlapped pclusters out of crafted
images properly") fixes CVE-2024-47736 [1] but brings another problem [2].
So commit 1a2180f6859c ("erofs: fix PSI memstall accounting") should be
backported too.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-47736
[2] https://lore.kernel.org/all/CAKPOu+8tvSowiJADW2RuKyofL_CSkm_SuyZA7ME5vMLWmL6pqw@xxxxxxxxxxxxxx/

Thanks for your effort! Patches look good to me.

Thanks,
Gao Xiang

Next message: Li Ming: "Re: [PATCH v1 1/1] cxl/hdm: Verify HDM decoder capabilities after parsing"
Previous message: Yang Shi: "Re: [PATCH v2 1/4] arm64: Add BBM Level 2 cpu feature"
In reply to: Alexey Panov: "[PATCH 6.1 2/2] erofs: fix PSI memstall accounting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]