CVE-2023-53845

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> nilfs2: fix infinite loop in nilfs_mdt_get_block()<br /> <br /> If the disk image that nilfs2 mounts is corrupted and a virtual block<br /> address obtained by block lookup for a metadata file is invalid,<br /> nilfs_bmap_lookup_at_level() may return the same internal return code as<br /> -ENOENT, meaning the block does not exist in the metadata file.<br /> <br /> This duplication of return codes confuses nilfs_mdt_get_block(), causing<br /> it to read and create a metadata block indefinitely.<br /> <br /> In particular, if this happens to the inode metadata file, ifile,<br /> semaphore i_rwsem can be left held, causing task hangs in lock_mount.<br /> <br /> Fix this issue by making nilfs_bmap_lookup_at_level() treat virtual block<br /> address translation failures with -ENOENT as metadata corruption instead<br /> of returning the error code.