Unrated severityNVD Advisory· Published Dec 27, 2024· Updated Nov 3, 2025

erofs: handle NONHEAD !delta[1] lclusters gracefully

CVE-2024-53234

Description

In the Linux kernel, the following vulnerability has been resolved:

syzbot reported a WARNING in iomap_iter_done: iomap_fiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80 ioctl_fiemap fs/ioctl.c:220 [inline]

Generally, NONHEAD lclusters won't have delta[1]==0, except for crafted images and filesystems created by pre-1.0 mkfs versions.

Previously, it would immediately bail out if delta[1]==0, which led to inadequate decompressed lengths (thus FIEMAP is impacted). Treat it as delta[1]=1 to work around these legacy mkfs versions.

lclusterbits > 14 is illegal for compact indexes, error out too.

Affected products

Linux/erofsllm-fuzzy
Range: < 1.0 (pre-1.0 mkfs)
osv-coords69 versions
pkg:deb/ubuntu/linux@6.11.0-18.18?arch=source&distro=oracular pkg:deb/ubuntu/linux-aws@6.11.0-1009.10?arch=source&distro=oracular pkg:deb/ubuntu/linux-azure@6.11.0-1009.9?arch=source&distro=oracular pkg:deb/ubuntu/linux-gcp@6.11.0-1009.9?arch=source&distro=oracular pkg:deb/ubuntu/linux-lowlatency@6.11.0-1010.11?arch=source&distro=oracular pkg:deb/ubuntu/linux-oracle@6.11.0-1011.12?arch=source&distro=oracular pkg:deb/ubuntu/linux-raspi@6.11.0-1008.8?arch=source&distro=oracular pkg:deb/ubuntu/linux-realtime@6.11.0-1005.5?arch=source&distro=oracular pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-coco_debug&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_5&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_5&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_5&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_5&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-source-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-syms-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
< 6.11.0-18.18+ 68 more
- (no CPE)range: < 6.11.0-18.18
- (no CPE)range: < 6.11.0-1009.10
- (no CPE)range: < 6.11.0-1009.9
- (no CPE)range: < 6.11.0-1009.9
- (no CPE)range: < 6.11.0-1010.11
- (no CPE)range: < 6.11.0-1011.12
- (no CPE)range: < 6.11.0-1008.8
- (no CPE)range: < 6.11.0-1005.5
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.8.23.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1.150600.12.14.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-150600.8.23.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-150600.8.23.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.8.23.1
- (no CPE)range: < 6.4.0-15061.12.coco15sp6.1
- (no CPE)range: < 6.4.0-15061.12.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.33.1.150600.12.14.1
- (no CPE)range: < 6.4.0-24.1.21.4
- (no CPE)range: < 6.4.0-24.1.21.4
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 1-1.1
- (no CPE)range: < 1-1.1
- (no CPE)range: < 1-1.2
- (no CPE)range: < 1-1.2
- (no CPE)range: < 1-150600.1.3.1
- (no CPE)range: < 1-150600.13.3.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-150600.8.23.1
- (no CPE)range: < 6.4.0-15061.12.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-25.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-150600.8.23.1
- (no CPE)range: < 6.4.0-15061.12.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.33.1
- (no CPE)range: < 6.4.0-150600.10.23.1
- (no CPE)range: < 6.4.0-150600.23.33.1
Linux/Linuxcpe-rescue
Range: 5.15

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000