commit | 12e7235fed50d70fb806cf820cbdf7032f6daad9 | |
---|---|---|
author | Theodore Ts'o <tytso@mit.edu> | Tue Mar 27 03:54:10 2018 |
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | Tue May 29 18:23:08 2018 |
tree | 2733c1579b9fdbd0dd1d47ef1a9e28ea3443e57e | |
parent | 22bcc3bf905061e48b979df02194707e9bbc2144 | |

UPSTREAM: ext4: add validity checks for bitmap block numbers

A privileged attacker can cause a crash by mounting a crafted ext4
image which triggers an out-of-bounds read in the function
ext4_valid_block_bitmap() in fs/ext4/balloc.c.

This issue has been assigned CVE-2018-1093.

BUG=chromium:839357
TEST=None

Change-Id: I4665dad01297f9f0dbe6e8577d9a76f7979d0eb6
BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=199181
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1560782
Reported-by: Wen Xu <wen.xu@gatech.edu>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
(cherry picked from commit 7dac4a1726a9c64a517d595c40e95e2d0d135f6f)
Signed-off-by: Zubin Mithra <zsm@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1042617
(cherry picked from commit 95633d3285437bc18bc34db33200a4e127b145cf)
Reviewed-on: https://chromium-review.googlesource.com/1077007