CVE-2024-47736
erofs: handle overlapped pclusters out of crafted images properly
References
Notes
carnil> Introduced in 8e6c8fa9f2e9 ("erofs: enable big pcluster feature"). Vulnerable
carnil> versions: 5.13-rc1.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.12-rc1) [9e2f9d34dd12e6e5b244ec488bcebd0c2d566c50]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
N/A "Fixed before branching point"
|
| 6.12-upstream-stable |
N/A "Fixed before branching point"
|
| 6.11-upstream-stable |
released (6.11.2) [9cfa199bcbbbba31cbf97b2786f44f4464f3f29a]
|
| 6.10-upstream-stable |
released (6.10.13) [b9b30af0e86ffb485301ecd83b9129c9dfb7ebf8]
|
| 6.6-upstream-stable |
released (6.6.72) [1bf7e414cac303c9aec1be67872e19be8b64980c]
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
N/A "Vulnerable code not present"
|
| 4.19-upstream-stable |
N/A "Vulnerable code not present"
|
| sid |
released (6.11.2-1)
|
| 6.12-trixie-security |
N/A "Fixed before branching point"
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
N/A "Vulnerable code not present"
|
