APPLIED: [SRU][Bionic][PATCH 0/1] Fix for CVE-2021-3506
Kleber Souza
kleber.souza at canonical.com
Fri Feb 11 11:52:42 UTC 2022
On 2/8/22 21:19, Joseph Salisbury wrote:
> [Impact]
> An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the
> f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check
> failure allows a local attacker to gain access to out-of-bounds memory leading
> to a system crash or a leak of internal kernel information. The highest threat
> from this vulnerability is to system availability.
>
> [Fix]
> b862676e3717 ("f2fs: fix to avoid out-of-bounds memory access")
>
> [Potential regression]
> This change is limited to f2fs.
>
> CVE-2021-3506
>
> Chao Yu (1):
> f2fs: fix to avoid out-of-bounds memory access
>
> fs/f2fs/node.c | 3 +++
> 1 file changed, 3 insertions(+)
>
Applied to bionic:linux.
Thanks,
Kleber
More information about the kernel-team
mailing list