projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: db2f238) | patch
udf_get_extendedattr() had no boundary checks.
authorStian Skjelstad <stian.skjelstad@gmail.com>
Sun, 22 Aug 2021 09:33:32 +0000 (11:33 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 15 Sep 2021 07:50:27 +0000 (09:50 +0200)
commit9d999957cb39ab7f37235808e006cf5b5bef536b
tree688bd91c1e122882868f80b57ad78fb41441ab71tree
parentdb2f238d8d12569b92f74ba89b7f2ad79fc4bd1acommit | diff
udf_get_extendedattr() had no boundary checks.

[ Upstream commit 58bc6d1be2f3b0ceecb6027dfa17513ec6aa2abb ]

When parsing the ExtendedAttr data, malicous or corrupt attribute length
could cause kernel hangs and buffer overruns in some special cases.

Link: https://lore.kernel.org/r/20210822093332.25234-1-stian.skjelstad@gmail.com
Signed-off-by: Stian Skjelstad <stian.skjelstad@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Sasha Levin <sashal@kernel.org>
fs/udf/misc.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)