CVE-2024-41034

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> nilfs2: fix kernel bug on rename operation of broken directory<br /> <br /> Syzbot reported that in rename directory operation on broken directory on<br /> nilfs2, __block_write_begin_int() called to prepare block write may fail<br /> BUG_ON check for access exceeding the folio/page size.<br /> <br /> This is because nilfs_dotdot(), which gets parent directory reference<br /> entry ("..") of the directory to be moved or renamed, does not check<br /> consistency enough, and may return location exceeding folio/page size for<br /> broken directories.<br /> <br /> Fix this issue by checking required directory entries ("." and "..") in<br /> the first chunk of the directory in nilfs_dotdot().