Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's EROFS (Enhanced Read-Only File System) component has been addressed. The issue arose because the function responsible for retrieving the compressed length of extents could fail, leading to a situation where metadata buffers were not properly unmapped, causing potential leaks. This vulnerability affects the stable versions of the Linux kernel.
The vulnerability could lead to memory leaks: metadata buffers that are not properly unmapped remain allocated, which can increase memory usage or lead to memory exhaustion.
The vulnerability can be reproduced by using the EROFS file system and triggering a failure in the 'z_erofs_get_extent_compressedlen' function while mapping blocks. This failure can be simulated by manipulating the conditions under which the function operates, causing it to return an error without the corresponding metadata buffer being unmapped.
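The error-path pattern described above, as an added user-space model (not kernel code and not the actual patch): the helper names, the counter standing in for mapped metadata buffers, and the `-EIO` error value are all assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* User-space model; all names are hypothetical stand-ins, not kernel code. */
static int live_maps;                          /* metadata buffers still mapped */
static void meta_map(void)   { live_maps++; }
static void meta_unmap(void) { live_maps--; }

/* Models z_erofs_get_extent_compressedlen() failing when fail != 0. */
static int get_compressedlen(int fail) { return fail ? -EIO : 0; }

/* Shape of the bug: the error return skips the unmap. */
static int map_blocks_leaky(int fail)
{
    meta_map();
    int err = get_compressedlen(fail);
    if (err)
        return err;                            /* buffer stays mapped */
    meta_unmap();
    return 0;
}

/* Shape of the fix: every exit after the map passes through the unmap. */
static int map_blocks_fixed(int fail)
{
    meta_map();
    int err = get_compressedlen(fail);
    if (err)
        goto unmap_out;
    /* remaining mapping work would run here */
unmap_out:
    meta_unmap();
    return err;
}

/* Buffers left mapped after n failing calls. */
static int leaked_after(int (*map_blocks)(int), int n)
{
    int before = live_maps;
    while (n-- > 0)
        map_blocks(1);
    return live_maps - before;
}

int main(void)
{
    printf("leaky=%d fixed=%d\n", leaked_after(map_blocks_leaky, 100),
           leaked_after(map_blocks_fixed, 100));
    return 0;
}
```

Each failing call in the leaky shape leaves one buffer mapped, so the leak grows with the number of failures, while the success path is clean in both shapes.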
Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been fixed.