[X/B/D][SRU] Fix for CVE-2019-18885

Connor Kuehl connor.kuehl at canonical.com
Tue Dec 10 00:48:18 UTC 2019


https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18885.html

From the link above:

    "fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a
    btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image
    because fs_devices->devices is mishandled within find_device, aka
    CID-09ba3bc9dd15."

The additional commit, "btrfs: refactor btrfs_find_device() take fs_devices as
argument", was taken to ease the placement of the commit that is specified by the
CVE as a fix. This enabled a clean cherry-pick into Disco.

Cherry picks straight into Disco.

Minor context adjustments for Bionic.

Xenial required some hand-holding as certain hunks wouldn't apply to a function
that perhaps has not been added yet; certain function arguments have not been
refactored but are accessible by accessing members of the enclosing structure
that *is* passed.
