Linux Kernel EROFS Filesystem End-of-Filesystem Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's EROFS (Enhanced Read-Only File System) implementation has been addressed. The issue involved improper handling of file-backed mounts at the end of the filesystem: I/O requests extending beyond the end of the backing file were not zero-filled, as they would be on a loopback device. This flaw could lead to unintended data exposure or corruption.

Impact

Because I/O requests beyond the end of the filesystem are not properly zeroed out, the affected data may be exposed or corrupted.

Reproduction

The vulnerability can be reproduced by mounting a file-backed EROFS filesystem and issuing I/O requests that extend beyond the end of the filesystem. The expected behavior is for the portion of each request past the end to be zero-filled; with the defect present it is not.
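As an added illustration, not the kernel's EROFS code, the following user-space C program models the read path the advisory describes: a request that runs past the end of a file-backed image gets a short read, and the bytes past the end must be zero-filled (as a loop device would return) rather than left holding whatever the buffer contained before. The helper names (backing_read, make_backing, stale_tail_bytes) and the 0x11-filled sample image are constructed for this example.

```c
#define _XOPEN_SOURCE 700
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper, not kernel code: read `len` bytes at `off` from the
 * backing file into `buf`, returning how many the file supplied. zero_tail
 * zero-fills the shortfall past the image end (fixed); off, it stays stale. */
ssize_t backing_read(int fd, off_t off, unsigned char *buf, size_t len, bool zero_tail)
{
    size_t done = 0;
    ssize_t n = 1;
    while (done < len && n > 0) {         /* n == 0: end of the backing file */
        n = pread(fd, buf + done, len - done, off + (off_t)done);
        done += n > 0 ? (size_t)n : 0;
    }
    if (n < 0)
        return -1;
    if (zero_tail && done < len)
        memset(buf + done, 0, len - done);
    return (ssize_t)done;
}

/* Constructed backing image: a temporary file of `size` bytes, all 0x11. */
static FILE *make_backing(size_t size)
{
    FILE *f = tmpfile();
    for (size_t i = 0; f && i < size; i++)
        fputc(0x11, f);
    return f && fflush(f) == 0 ? f : NULL;
}

/* Bytes past the end of a `fs_size`-byte image that still hold stale data
 * after reading `len` bytes at `off`; 0 means the tail was zeroed. */
int stale_tail_bytes(size_t fs_size, off_t off, size_t len, bool zero_tail)
{
    unsigned char buf[64];
    FILE *f = len <= sizeof buf ? make_backing(fs_size) : NULL;
    if (!f)
        return -1;
    memset(buf, 0xAA, sizeof buf);   /* leftovers from a previous user of buf */
    ssize_t got = backing_read(fileno(f), off, buf, len, zero_tail);
    fclose(f);
    int stale = 0;
    for (size_t i = got < 0 ? len : (size_t)got; i < len; i++)
        stale += buf[i] != 0;
    return got < 0 ? -1 : stale;
}
```

Reading 32 bytes at offset 16 of a 32-byte image leaves 16 stale bytes in the defective mode and none once the shortfall is zero-filled.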

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version can be found in the Linux kernel documentation.

Added: Jun 9, 2026, 2:57 PM
Updated: Jun 9, 2026, 2:57 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 3.9
remediation: 7.7
relevance: 9.3
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.