Google Git
Sign in
android-kvm / linux / 5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d
commit5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d[log] [tgz]
authorTheodore Ts'o <tytso@mit.edu>Wed Jun 13 00:23:11 2018 -0400
committerTheodore Ts'o <tytso@mit.edu>Wed Jun 13 00:23:11 2018 -0400
treefe0425a2ac97acce9b8d68b051edad388813dc59
parent327eaf738ff97d19491362e30497954105d60414 [diff]
ext4: add corruption check in ext4_xattr_set_entry()

In theory this should have been caught earlier when the xattr list was
verified, but in case it got missed, it's simple enough to add check
to make sure we don't overrun the xattr buffer.

This addresses CVE-2018-10879.

https://bugzilla.kernel.org/show_bug.cgi?id=200001

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Cc: stable@kernel.org
1 file changed
tree: fe0425a2ac97acce9b8d68b051edad388813dc59
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. samples/
  18. scripts/
  19. security/
  20. sound/
  21. tools/
  22. usr/
  23. virt/
  24. .clang-format
  25. .cocciconfig
  26. .get_maintainer.ignore
  27. .gitattributes
  28. .gitignore
  29. .mailmap
  30. COPYING
  31. CREDITS
  32. Kbuild
  33. Kconfig
  34. MAINTAINERS
  35. Makefile
  36. README