CVE-2023-52622

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ext4: avoid online resizing failures due to oversized flex bg<br /> <br /> When we online resize an ext4 filesystem with a oversized flexbg_size,<br /> <br /> mkfs.ext4 -F -G 67108864 $dev -b 4096 100M<br /> mount $dev $dir<br /> resize2fs $dev 16G<br /> <br /> the following WARN_ON is triggered:<br /> ==================================================================<br /> WARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550<br /> Modules linked in: sg(E)<br /> CPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314<br /> RIP: 0010:__alloc_pages+0x411/0x550<br /> Call Trace:<br /> <br /> __kmalloc_large_node+0xa2/0x200<br /> __kmalloc+0x16e/0x290<br /> ext4_resize_fs+0x481/0xd80<br /> __ext4_ioctl+0x1616/0x1d90<br /> ext4_ioctl+0x12/0x20<br /> __x64_sys_ioctl+0xf0/0x150<br /> do_syscall_64+0x3b/0x90<br /> ==================================================================<br /> <br /> This is because flexbg_size is too large and the size of the new_group_data<br /> array to be allocated exceeds MAX_ORDER. Currently, the minimum value of<br /> MAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding<br /> maximum number of groups that can be allocated is:<br /> <br /> (PAGE_SIZE