CVE-2022-49464: 
Linux Debian vulnerability analysis and mitigation

In the Linux kernel, a buffer copy overflow vulnerability was discovered in the EROFS (Enhanced Read-Only File System) ztailpacking feature. The vulnerability is tracked as CVE-2022-49464. The issue was discovered when a KASAN (Kernel Address Sanitizer) report indicated a use-after-free condition in the zerofsshifted_transform function (Kernel Git).

The vulnerability occurs because the tail pcluster is not a complete filesystem block when ztailpacking is used. Specifically, the second part of an uncompressed tail pcluster may not be rq->pageofs_out. This leads to incorrect buffer size calculations and potential memory corruption. The issue was introduced by two previous commits: 'erofs: support unaligned data decompression' and 'erofs: support inline data decompression' (Kernel Git).

The vulnerability can result in a buffer overflow condition, which could potentially lead to memory corruption and system instability. The KASAN report showed a use-after-free condition with a read of size 4074 bytes, indicating potential unauthorized memory access (Kernel Git).

The issue has been fixed by correcting the buffer size calculations in the zerofsshiftedtransform function. The fix involves using the correct size (lefthalf) instead of pageofsout when copying memory in the affected code paths. The patch has been merged into the Linux kernel (Kernel Git).