GHSA-v64f-8vqx-f88gunknown
In the Linux kernel, the following vulnerability has been resolved: erofs: unify lcn as u64 for...
🔗 CVE IDs covered (1)
📋 Description
In the Linux kernel, the following vulnerability has been resolved:
erofs: unify lcn as u64 for 32-bit platforms
As sashiko reported [1], lcn was typed as unsigned long (or
unsigned int sometimes), which is only 32 bits wide on 32-bit
platforms, which causes (lcn << lclusterbits) to be truncated
at 4 GiB.
In order to consolidate the logic, just use u64 consistently
around the codebase.
[1] https://sashiko.dev/r/20260420034612.1899973-1-hsiangkao%40linux.alibaba.com
🔗 References (6)
- https://nvd.nist.gov/vuln/detail/CVE-2026-53015
- https://git.kernel.org/stable/c/2d8c7edcb661812249469f4a5b62e9339118846f
- https://git.kernel.org/stable/c/4fc9b12e43a3f19a01a8fb61f7961be79de20253
- https://git.kernel.org/stable/c/582b0bf201157632cb5474c885989a6ebda46521
- https://git.kernel.org/stable/c/858e4d98a86adf34584767388deb6c9b217f70c5
- https://github.com/advisories/GHSA-v64f-8vqx-f88g