Description: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2070205
 https://lore.kernel.org/linux-ext4/20220428180355.15209-1-jack@suse.cz/T/#t
 https://bugzilla.suse.com/show_bug.cgi?id=1198577
Notes:
 carnil> Fixed as well in 5.17.14 for 5.17.y, 5.18.3 for 5.18.y.
 carnil> Ben, pelase double check if you agree on the triage. It is
 carnil> based on the additional information provided in the SUSE
 carnil> bugzilla.
 carnil> Turns out that 46c116b920eb ("ext4: verify dir block before
 carnil> splitting it") and 3ba733f879c2 ("ext4: avoid cycles in
 carnil> directory h-tree") are not the upstream fixes, but according to
 carnil> Lukas Czerner the following is needed:
 carnil> 65f8ea4cd57d ("ext4: check if directory block is within
 carnil> i_size") to fix the CVE and additional as defensive measure
 carnil> b8a04fe77ef1 ("ext4: make sure ext4_append() always allocates
 carnil> new block").
 carnil> Fixed as well in 5.18.18 for 5.18.y and in 5.19.2 for 5.19.y.
Bugs:
upstream: released (6.0-rc1) [65f8ea4cd57dbd46ea13b41dc8bac03176b04233]
5.10-upstream-stable: needed
4.19-upstream-stable: needed
sid: needed
5.10-bullseye-security: needed
4.19-buster-security: needed