[Ack] [CVE-2011-2695] ext4: Fix max file size and logical block counting of extent format file

Leann Ogasawara leann.ogasawara at canonical.com
Mon Sep 26 13:35:33 UTC 2011

On Mon, 2011-09-26 at 13:10 +0100, Andy Whitcroft wrote:
> CVE-2011-2695
> 	Multiple off-by-one errors in the ext4 subsystem in the Linux
> 	kernel before 3.0-rc5 allow local users to cause a denial of
> 	service (BUG_ON and system crash) by accessing a sparse file in
> 	extent format with a write operation involving a block number
> 	corresponding to the largest possible 32-bit unsigned integer.
> Fixes for this issue have hit oneiric and P via mainline.  Following this
> email are two patch sets.  The first for lucid/fsl-imx51, the second for
> lucid, maverick, maverick/ti-omap4, natty, and natty/ti-omap4.
> The fix for lucid and up is identicle.  I have tested this fix on Natty
> using the reproduce-by in the patch.  Testing before and after on other
> releases appreciated.
> Proposing for lucid, lucid/fsl-imx51, maverick, maverick/ti-omap4, natty,
> and natty/ti-omap4.

Patches appear to do as they claim and have positive test results in
Natty.  I'd be curious if QA could incorporate the test case to cover
lucid and maverick?

Acked-by: Leann Ogasawara <leann.ogasawara at canonical.com>

More information about the kernel-team mailing list