CVE-2024-57923

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> btrfs: zlib: fix avail_in bytes for s390 zlib HW compression path<br /> <br /> Since the input data length passed to zlib_compress_folios() can be<br /> arbitrary, always setting strm.avail_in to a multiple of PAGE_SIZE may<br /> cause read-in bytes to exceed the input range. Currently this triggers<br /> an assert in btrfs_compress_folios() on the debug kernel (see below).<br /> Fix strm.avail_in calculation for S390 hardware acceleration path.<br /> <br /> assertion failed: *total_in 0000021761df6538: 0707 bcr 0,%r7<br /> 0000021761df653a: 0707 bcr 0,%r7<br /> 0000021761df653c: 0707 bcr 0,%r7<br /> 0000021761df653e: 0707 bcr 0,%r7<br /> 0000021761df6540: c004004bb7ec brcl 0,000002176276d518<br /> Call Trace:<br /> [] btrfs_compress_folios+0x198/0x1a0<br /> ([] btrfs_compress_folios+0x194/0x1a0)<br /> [] compress_file_range+0x3b8/0x6d0<br /> [] btrfs_work_helper+0x10c/0x160<br /> [] process_one_work+0x2b0/0x5d0<br /> [] worker_thread+0x20e/0x3e0<br /> [] kthread+0x15a/0x170<br /> [] __ret_from_fork+0x3c/0x60<br /> [] ret_from_fork+0xa/0x38<br /> INFO: lockdep is turned off.<br /> Last Breaking-Event-Address:<br /> [] _printk+0x4c/0x58<br /> Kernel panic - not syncing: Fatal exception: panic_on_oops