Description: ovl: fail on invalid uid/gid mapping at copy up
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2159505
 https://github.com/chenaotian/CVE-2023-0386
Notes:
 carnil> Issue different from CVE-2021-3847.
 carnil> Only exploitable after commit 459c7c565ac3 "ovl: unprivieged
 carnil> mounts" in 5.11-rc1, or if the Debian-specific module parameter
 carnil> permit_mounts_in_userns is enabled.
Bugs:
upstream: released (6.2-rc6) [4f11ada10d0ad3fd53e2bd67806351de63a4f9c3]
6.1-upstream-stable: released (6.1.9) [42fea1c35254c49cce07c600d026cbc00c6d3c81]
5.10-upstream-stable: N/A "Not exploitable in this version"
4.19-upstream-stable: N/A "Not exploitable in this version"
sid: released (6.1.11-1)
6.1-bookworm-security: N/A "Fixed before branch point"
5.10-bullseye-security: released (5.10.179-1) [bugfix/all/ovl-fail-on-invalid-uid-gid-mapping-at-copy-up.patch]
4.19-buster-security: pending (4.19.309-1) [bugfix/all/ovl-fail-on-invalid-uid-gid-mapping-at-copy-up.patch]