ext4: fix off-by-one error in do_split

In the Linux kernel, the following vulnerability has been resolved: e ...

In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ================================================================== BUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90 Read of size 4 at addr ffff888012c120c4 by task repro/2065 CPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x1fd/0x300 ? tcp_gro_dev_warn+0x260/0x260 ? _printk+0xc0/0x100 ? read_lock_is_recursive+0x10/0x10 ? irq_work_queue+0x72/0xf0 ? __virt_addr_valid+0x17b/0x4b0 print_address_description+0x78/0x390 print_report+0x107/0x1f0 ? __virt_addr_valid+0x17b/0x4b0 ? __virt_addr_valid+0x3ff/0x4b0 ? __phys_addr+0xb5/0x160 ? ext4_xattr_ino...

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109 Write of size 251 at addr ffff888074572f14 by task syz-executor335/5847 CPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106 ext4_insert_dentry+0x36a/0x6...

Уязвимость ядра операционной системы Linux, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость функции ext4_xattr_inode_dec_ref_all() компонента fs/ext4/xattr.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6)

Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP5)

Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP4)

Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3)

Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)

Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP6)

Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5)