The Linux kernel's ext4 file system implementation contains an integer overflow that can be triggered by mounting a crafted file system. The problem occurs in ext4_es_cache_extent(), when lblk + len exceeds 2^32.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1936787]
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
This was fixed for Fedora with the 5.8.6 stable kernel update.
The kernel packages as shipped in following Red Hat products were previously updated to a version that contains the fix via the following errata: kernel in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2021:1578 kernel-rt in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2021:1739