In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: prevent uninitialized lcn caused by zero len

syzbot reported a uninit-value in ntfs_iomap_begin [1].

Since runs was not touched yet, run_lookup_entry() immediately fails
and returns false, which makes the value of "*len" 0.
Simultaneously, the new value and err value are also 0, causing the
logic in attr_data_get_block_locked() to jump directly to ok, ultimately
resulting in *lcn being triggered before it is set [1].

In ntfs_iomap_begin(), the check for a 0 value in clen is moved forward
to before updating lcn to avoid this [1].

[1]
BUG: KMSAN: uninit-value in ntfs_iomap_begin+0x8c0/0x1460 fs/ntfs3/inode.c:825
 ntfs_iomap_begin+0x8c0/0x1460 fs/ntfs3/inode.c:825
 iomap_iter+0x9b7/0x1540 fs/iomap/iter.c:110

Local variable lcn created at:
 ntfs_iomap_begin+0x15d/0x1460 fs/ntfs3/inode.c:786

https://git.kernel.org/stable/c/485f750cac3d8bdf5552a0e3d79ce5e3a03ece49

https://git.kernel.org/stable/c/e98266e823a1fa06fe6499df61aeaac2fd6f7a49

[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/ntfs3/inode.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"10d7c95af043b45a85dc738c3271bf760ff3577e","lessThan":"485f750cac3d8bdf5552a0e3d79ce5e3a03ece49","versionType":"git","status":"affected"},{"version":"10d7c95af043b45a85dc738c3271bf760ff3577e","lessThan":"e98266e823a1fa06fe6499df61aeaac2fd6f7a49","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/ntfs3/inode.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7.0","status":"affected"},{"version":"0","lessThan":"7.0","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]