In the Linux kernel, the following vulnerability has been resolved:
ovl: dont allow datadir only
In theory overlayfs could support upper layer directly referring to a data layer, but theres no current use case for this.
Originally, when data-only layers were introduced, this wasnt allowed, only introduced by the datadir+ feature, but without actually handling this case, resulting in an Oops.
Fix by disallowing datadir without lowerdir.