CVE-2022-50746

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> erofs: validate the extent length for uncompressed pclusters<br /> <br /> syzkaller reported a KASAN use-after-free:<br /> https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2<br /> <br /> The referenced fuzzed image actually has two issues:<br /> - m_pa == 0 as a non-inlined pcluster;<br /> - The logical length is longer than its physical length.<br /> <br /> The first issue has already been addressed. This patch addresses<br /> the second issue by checking the extent length validity.