[SRU][Focal, hwe-5.8][PATCH 0/2] CVE-2019-19449
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu Sep 30 10:42:12 UTC 2021
On Wed, Sep 29, 2021 at 04:57:38PM -0700, Luke Nowakowski-Krijger wrote:
> [Impact]
> Mounting a crafted f2fs file system with a segment count in a section
> that is less than segs_per_sec causes out-of-boundary memory access
> during fs initalization.
>
> [Test case]
> Reproduced bug with syzbot reproducer
> (https://syzkaller.appspot.com/x/repro.c?x=102fbac5900000)
> with slight modification to target a valid loop device.
> Confirmed that after the patches were applied the fs reports that there
> are malformed segments/sections and mounting the file system fails,
> which stops the initialization from continuing and preventing the
> out-of-boundary memory access.
>
> [Potential regression]
> The patches add checks that are a superset of the previous checks, which
> might cause some filesystems that succeeded in mounting to now fail.
>
> Chao Yu (1):
> f2fs: fix to do sanity check on segment/section count
>
> Wang Xiaojun (1):
> f2fs: fix wrong total_sections check and fsmeta check
>
> fs/f2fs/segment.h | 1 +
> fs/f2fs/super.c | 14 ++++++++++----
> 2 files changed, 11 insertions(+), 4 deletions(-)
>
> --
> 2.30.2
Hey, Luke.
Have you tested the bionic kernel? Is it affected as well? Or rather, any
reason you haven't submitted this for 4.15 kernels?
Thanks a lot for the work.
Cascardo.
More information about the kernel-team
mailing list