CVE-2022-49078

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> lz4: fix LZ4_decompress_safe_partial read out of bound<br /> <br /> When partialDecoding, it is EOF if we&amp;#39;ve either filled the output buffer<br /> or can&amp;#39;t proceed with reading an offset for following match.<br /> <br /> In some extreme corner cases when compressed data is suitably corrupted,<br /> UAF will occur. As reported by KASAN [1], LZ4_decompress_safe_partial<br /> may lead to read out of bound problem during decoding. lz4 upstream has<br /> fixed it [2] and this issue has been disscussed here [3] before.<br /> <br /> current decompression routine was ported from lz4 v1.8.3, bumping<br /> lib/lz4 to v1.9.+ is certainly a huge work to be done later, so, we&amp;#39;d<br /> better fix it first.<br /> <br /> [1] https://lore.kernel.org/all/000000000000830d1205cf7f0477@google.com/<br /> [2] https://github.com/lz4/lz4/commit/c5d6f8a8be3927c0bec91bcc58667a6cfad244ad#<br /> [3] https://lore.kernel.org/all/CC666AE8-4CA4-4951-B6FB-A2EFDE3AC03B@fb.com/