APPLIED Re: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-2898
Timo Aaltonen
tjaalton at ubuntu.com
Fri Aug 4 09:47:42 UTC 2023
Yuxuan Luo kirjoitti 2.8.2023 klo 17.22:
> [Impact]
> There is a null-pointer-dereference flaw found in f2fs_write_end_io in
> fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged
> user to cause a denial of service problem.
>
> [Backport]
> It is a clean cherry pick for OEM-6.0.
> For OEM-5.17, conflicts in `gc.c` requires e4544b63a7ee (“f2fs: move f2fs to use
> reader-unfair rwsems”); however, since the part related to the fix
> commit is merely renaming, it is possible to ignore this commit.
>
> [Test]
> Smoke tested on OEM-6.0.
>
> ```bash
> # apt-get install f2fs-tools -y
> # modprobe f2fs
> # modprobe null_blk gb=2 memory_backed=1 discard=1 # discard option is
> # not available in Jammy
> # mkdir /mnt/f2fs
> # mkfs.f2fs -l label /dev/nullb0
> # mount -t f2fs /dev/nullb0 /mnt/f2fs
> # echo "hello" | sudo tee /mnt/f2fs/test
> $ cat /mnt/f2fs/test
> ```
>
> [Potential Regression]
> Expect low regression potential.
>
> Chao Yu (1):
> f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
>
> fs/f2fs/f2fs.h | 2 +-
> fs/f2fs/file.c | 2 +-
> fs/f2fs/gc.c | 21 ++++++++++++++++++---
> 3 files changed, 20 insertions(+), 5 deletions(-)
>
applied to oem-5.17, -6.0, thanks
--
t
More information about the kernel-team
mailing list