projects / platform / kernel / linux-amlogic.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5ae5732) | patch
ext4: verify the depth of extent tree in ext4_find_extent()
authorTheodore Ts'o <tytso@mit.edu>
Thu, 14 Jun 2018 16:55:10 +0000 (12:55 -0400)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 11 Jul 2018 14:26:44 +0000 (16:26 +0200)
commit87dad44faabd45683fba94443471298f8809e8a8
tree0f1b75e15c9399e0bf93f5f4e9006d49926d7f6btree | snapshot
parent5ae57329580d6ceca97559ff030a5f0e91fa66fecommit | diff
ext4: verify the depth of extent tree in ext4_find_extent()

commit bc890a60247171294acc0bd67d211fa4b88d40ba upstream.

If there is a corupted file system where the claimed depth of the
extent tree is -1, this can cause a massive buffer overrun leading to
sadness.

This addresses CVE-2018-10877.

https://bugzilla.kernel.org/show_bug.cgi?id=199417

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/ext4/ext4_extents.h diff | blob | history
fs/ext4/extents.c diff | blob | history
Domain: System / Kernel;