DEBIAN-CVE-2026-43067

In the Linux kernel, the following vulnerability has been resolved:  ext4: handle wraparound when searching for blocks for indirect mapped blocks  Commit 4865c768b563 ("ext4: always allocate blocks only from groups inode can use") restricts what blocks will be allocated for indirect block based files to block numbers that fit within 32-bit block numbers.  However, when using a review bot running on the latest Gemini LLM to check this commit when backporting into an LTS based kernel, it raised this concern:     If ac->acgex.fegroup is >= ngroups (for instance, if the goal    group was populated via stream allocation from smblastgroups),    then start will be >= ngroups.     Does this allow allocating blocks beyond the 32-bit limit for    indirect block mapped files? The commit message mentions that    ext4mbscangroupslinear() takes care to not select unsupported    groups. However, its loop uses group = *start, and the very first    iteration will call ext4mbscangroup() with this unsupported    group because nextlineargroup() is only called at the end of the    iteration.  After reviewing the code paths involved and considering the LLM review, I determined that this can happen when there is a file system where some files/directories are extent-mapped and others are indirect-block mapped.  To address this, add a safety clamp in ext4mbscangroups().