]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f8477b8) | patch
ext4: verify the depth of extent tree in ext4_find_extent()
authorTheodore Ts'o <tytso@mit.edu>
Thu, 14 Jun 2018 16:55:10 +0000 (12:55 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Thu, 14 Jun 2018 16:55:10 +0000 (12:55 -0400)
commitad270e657a1294e00931543cb62fd02b822c3baf
treecb1aeb05ac0a8eb30f12d49c68da6f1a65187bc2tree | snapshot
parentf8477b8b4c748e7781187089e10271f05bf9ca34commit | diff
ext4: verify the depth of extent tree in ext4_find_extent()

If there is a corupted file system where the claimed depth of the
extent tree is -1, this can cause a massive buffer overrun leading to
sadness.

This addresses CVE-2018-10877.

https://bugzilla.kernel.org/show_bug.cgi?id=199417

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
fs/ext4/ext4_extents.h diff | blob | history
fs/ext4/extents.c diff | blob | history
Linux Kernel Source Tree.