APPLIED/cmnt: [PATCH 0/1][T/X/B] CVE-2018-18690 - Denial of service in XFS

Khaled Elmously khalid.elmously at
Thu Nov 29 07:18:06 UTC 2018

Applied to all targets. Note that the patch as it was didn't actually apply to Trusty as it needed to be adjusted for context and path-changes. I made the necessary adjustments and updated the commit message accordingly (changed it from 'cherry picked from' to 'backported from').

On 2018-11-20 01:31:09 , Tyler Hicks wrote:
>  In the Linux kernel before 4.17, a local attacker able to set attributes on
>  an xfs filesystem could make this filesystem non-operational until the next
>  mount by triggering an unchecked error condition during an xfs attribute
>  change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c
>  mishandles ATTR_REPLACE operations with conversion of an attr from short to
>  long form.
> Clean cherry pick in Bionic through Trusty. I tested this change in all
> affected releases manually via the reproducer in the upstream bug
> report. The build logs are clean.
> Tyler
> -- 
> kernel-team mailing list
> kernel-team at

More information about the kernel-team mailing list