Linux · Linux Kernel · CVE-2021-47458
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions 5.11 and later, built with `CONFIG_FORTIFY_SOURCE`, are affected.
**Description**
The issue arises from the fact that strings for cluster stack and cluster name are not guaranteed to be null terminated in the disk representation, while the `strlcpy` function assumes that the source string is always null terminated. This causes a read outside of the source string, triggering the buffer overflow detection. The problem occurs when mounting an ocfs2 filesystem with either o2cb or pcmk cluster stack.
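The following user-space sketch is an added example, not kernel code and not part of the original advisory. It shows why a `strlen`-based copy over-reads a fixed-width on-disk field and how a width-bounded copy avoids that; the struct, field widths, sample values and function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the on-disk record; widths are example assumptions. */
#define STACK_LEN 4
#define NAME_LEN  16

struct disk_cluster_info {
    char stack[STACK_LEN]; /* fixed width, NUL not guaranteed */
    char name[NAME_LEN];   /* fixed width, NUL not guaranteed */
};

/* Constructed sample: "o2cb" fills the stack field completely. */
static struct disk_cluster_info sample_info(void)
{
    struct disk_cluster_info ci = { {'o', '2', 'c', 'b'}, "cluster1" };
    return ci;
}

/* 1 if a NUL lies inside the field. strlcpy() runs strlen() on its source,
 * so 0 means that scan would continue past the end of the field. */
static int field_is_terminated(const char *field, size_t width)
{
    return memchr(field, '\0', width) != NULL;
}

/* Copy a fixed-width field without reading beyond `width` bytes.
 * Returns the copied length, or (size_t)-1 if dst cannot hold it plus NUL. */
static size_t copy_fixed_field(char *dst, size_t dst_size, const char *field, size_t width)
{
    const char *nul = memchr(field, '\0', width);
    size_t len = nul ? (size_t)(nul - field) : width;
    if (len >= dst_size)
        return (size_t)-1;
    memcpy(dst, field, len);
    dst[len] = '\0';
    return len;
}

int main(void)
{
    struct disk_cluster_info ci = sample_info();
    char stack[STACK_LEN + 1];
    size_t n = copy_fixed_field(stack, sizeof(stack), ci.stack, STACK_LEN);
    printf("terminated=%d copied=%zu stack=%s\n",
           field_is_terminated(ci.stack, STACK_LEN), n, stack);
    return 0;
}
```

The destination buffer is sized one byte larger than the field so that a completely filled field still fits with its terminator.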
**Recommendations**
To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.