Note:
This project will be discontinued after December 13, 2021. [more]
2018-07-03
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
Products | Linux_kernel |
Type | Out-of-bounds Write (CWE-787) |
First patch |
https://github.com/torvalds/linux/commit/23fcb3340d033d9f081e21e6c12c2db7eaa541d3 |
Relevant file/s |
• ./fs/xfs/libxfs/xfs_format.h (modified, +3)
• ./fs/xfs/libxfs/xfs_inode_buf.c (modified, +47, -29) |
Links |
• https://access.redhat.com/errata/RHSA-2019:2029
• https://access.redhat.com/errata/RHSA-2019:2043 • https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=23fcb3340d033d9f081e21e6c12c2db7eaa541d3 • https://access.redhat.com/errata/RHSA-2019:1350 • https://bugzilla.kernel.org/show_bug.cgi?id=199915 |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: