ACK: [SRU Bionic 0/2] CVE-2020-36322 and CVE-2021-28950

Stefan Bader stefan.bader at canonical.com
Thu Oct 14 08:15:00 UTC 2021


On 13.10.21 21:18, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged users could mount a fuse filesystem and trigger a BUG_ON or
> a soft lockup.
> 
> [Test case]
> A test was found for the first issue, but not the second. The fix works for
> that first one.
> 
> [Backport]
> The backport had a lot of conflicts due to context. As the nature of the fix
> was basically replacing is_bad_inode with fuse_is_bad and adding the check
> for fuse_is_bad, it is not that hard to review that the end result is as expected.
> 
> [Potential regression]
> FUSE filesystems may lock up, trigger BUGs, or fail to respond. It is more
> likely to happen due to malicious actions. So, there is a chance that
> forcing bad inodes may lead to other potential hiccups.
> 
> Amir Goldstein (1):
>    fuse: fix live lock in fuse_iget()
> 
> Miklos Szeredi (1):
>    fuse: fix bad inode
> 
>   fs/fuse/acl.c    |  6 ++++++
>   fs/fuse/dir.c    | 41 ++++++++++++++++++++++++++++++++++++-----
>   fs/fuse/file.c   | 21 ++++++++++++---------
>   fs/fuse/fuse_i.h | 13 +++++++++++++
>   fs/fuse/inode.c  |  2 +-
>   fs/fuse/xattr.c  |  9 +++++++++
>   6 files changed, 77 insertions(+), 15 deletions(-)
> 
Acked-by: Stefan Bader <stefan.bader at canonical.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20211014/64fd1e96/attachment.sig>


More information about the kernel-team mailing list