Linux · Linux Kernel · CVE-2022-48923
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 5.17.0-rc2-1 #12
**Description**
The vulnerability is in the btrfs component of the Linux kernel: the compressed length of an LZO segment can be corrupted so that it is larger than the memory allocated for the decompression buffer, and that length is not checked before use. This causes the `memcpy` in `copy_compressed_segment` to write outside the allocated memory, resulting in a stuck `read` syscall or a general protection fault when using btrfs send. The flaw is in the function `lzo_decompress_bio` and can lead to a denial of service.
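The missing bound described above, as an added example that is not the kernel's code: a simplified model of walking length-prefixed compressed segments in which each segment length is checked against the workspace capacity and the remaining input before `memcpy`. `WORKSPACE_CBUF_LEN`, `SEG_HDR_LEN`, `copy_segments` and the constructed sample streams are assumptions for illustration only.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed stand-ins, not the kernel's constants: workspace capacity per
 * segment and the 4-byte little-endian segment length header. */
#define WORKSPACE_CBUF_LEN 64
#define SEG_HDR_LEN 4

static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Copy each length-prefixed segment payload into cbuf. Returns the segment
 * count, or -1 on a corrupt length. The bound check is the kind of check the
 * fix adds: without it a corrupted seg_len drives memcpy past the end of cbuf. */
int copy_segments(const uint8_t *in, size_t in_len, uint8_t *cbuf, size_t cbuf_len) {
    size_t cur = 0;
    int count = 0;
    while (cur + SEG_HDR_LEN <= in_len) {
        uint32_t seg_len = read_le32(in + cur);
        cur += SEG_HDR_LEN;
        if (seg_len > cbuf_len || seg_len > in_len - cur)  /* workspace or input exceeded */
            return -1;
        memcpy(cbuf, in + cur, seg_len);
        cur += seg_len;
        count++;
    }
    return count;
}

/* Constructed sample: two well-formed segments of 8 and 5 bytes. */
int demo_wellformed(void) {
    uint8_t in[] = {8,0,0,0, 'a','b','c','d','e','f','g','h', 5,0,0,0, 'v','w','x','y','z'};
    uint8_t cbuf[WORKSPACE_CBUF_LEN];
    return copy_segments(in, sizeof in, cbuf, sizeof cbuf);
}

/* Constructed sample: a header claiming 0x10000 bytes, far beyond the workspace.
 * Guard bytes after cbuf confirm nothing was written past it (-2 if they were). */
int demo_corrupted(void) {
    uint8_t in[] = {0,0,1,0, 'a','b','c','d','e','f','g','h'};
    struct { uint8_t cbuf[WORKSPACE_CBUF_LEN]; uint8_t guard[8]; } ws;
    memset(&ws, 0xAA, sizeof ws);
    int rc = copy_segments(in, sizeof in, ws.cbuf, sizeof ws.cbuf);
    for (size_t i = 0; i < sizeof ws.guard; i++)
        if (ws.guard[i] != 0xAA) return -2;
    return rc;
}
```

`demo_wellformed` returns 2 and `demo_corrupted` returns -1, the oversized segment being rejected before any copy touches the buffer.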
**Recommendations**
To resolve the issue, update the Linux kernel to a version that includes the fix for the btrfs vulnerability. Specifically, update to a version later than 5.17.0-rc2-1 #12. As a temporary workaround, consider disabling the `btrfs` component until a patch is available.