ACK: [SRU Bionic 0/2] CVE-2020-36322 and CVE-2021-28950
Stefan Bader
stefan.bader at canonical.com
Thu Oct 14 08:15:00 UTC 2021
On 13.10.21 21:18, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged users could mount a fuse filesystem and trigger a BUG_ON or
> a soft lockup.
>
> [Test case]
> A test was found for the first issue, but not the second. The fix works for
> that first one.
>
> [Backport]
> The backport had a lot of conflicts due to context. As the nature of the fix
> was basically replacing is_bad_inode with fuse_is_bad and adding the check
> for fuse_is_bad, it is not that hard to review that the end result is as expected.
>
> [Potential regression]
> FUSE filesystems may lock up, trigger BUGs, or fail to respond. It is more
> likely to happen due to malicious actions. So, there is a chance that
> forcing bad inodes may lead to other potential hiccups.
>
> Amir Goldstein (1):
> fuse: fix live lock in fuse_iget()
>
> Miklos Szeredi (1):
> fuse: fix bad inode
>
> fs/fuse/acl.c | 6 ++++++
> fs/fuse/dir.c | 41 ++++++++++++++++++++++++++++++++++++-----
> fs/fuse/file.c | 21 ++++++++++++---------
> fs/fuse/fuse_i.h | 13 +++++++++++++
> fs/fuse/inode.c | 2 +-
> fs/fuse/xattr.c | 9 +++++++++
> 6 files changed, 77 insertions(+), 15 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20211014/64fd1e96/attachment.sig>
More information about the kernel-team
mailing list