CVE-2023-52933

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the handling and sanity checking of xattr ids count in the Squashfs filesystem. The issue arises from a corrupted filesystem, where the xattr ids value is 4294967071, which becomes a negative number -225 when stored in a signed variable. This causes computation overflow due to incorrect typing, leading to two flaws: one on 64-bit systems only, where the signed integer xattr ids variable causes sign extension, and another on 32-bit systems only, where the integer variable overflows when multiplied. The effect of this is a 0 length computation, which can cause a sanity check code to fail.

Recommendations To resolve the issue, consider updating the Linux kernel to a version that includes the fix for the Squashfs handling and sanity checking of xattr ids count. As a temporary workaround, consider applying the fix to the Squashfs code by changing the xattr ids variable to be an "unsigned int" on 64-bit systems or casting the variable to u64 in the SQUASHFS XATTR *(A) macros on 32-bit systems.