In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate ltreedepth to avoid out-of-bounds access The ltreedepth field is 16-bit (_le16), but the actual maximum depth is limited to OCFS2MAXPATHDEPTH. Add a check to prevent out-of-bounds access if ltreedepth has an invalid value, which may occur when reading from a corrupted mounted disk [1].
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.15.0-1019.24~20.04.1.1", "binary_name": "linux-image-unsigned-5.15.0-1019-azure-fde" }, { "binary_version": "5.15.0-1019.24~20.04.1.1", "binary_name": "linux-image-unsigned-5.15.0-1019-azure-fde-dbgsym" } ] }