[SRU][Focal/Lunar][PATCH 0/1] CVE-2023-3212
Stefan Bader
stefan.bader at canonical.com
Wed Aug 16 08:28:46 UTC 2023
On 15.08.23 18:24, Yuxuan Luo wrote:
> [Impact]
> Yang Lan discovered that the GFS2 file system implementation in the
> Linux kernel could attempt to dereference a null pointer in some
> situations. An attacker could use this to construct a malicious GFS2
> image that, when mounted and operated on, could cause a denial of
> service (system crash).
Why is Jammy not affected?
>
> [Backport]
> For Lunar, it is a clean cherry pick.
> For Focal, there is a conflict revolving the `if
> (test_bit(GIF_ALLOC_FAILED, &ip->i_flags)) {` line which requires
> 9e73330f298a (“gfs2: Try harder to delete inodes locally”) commit.
> However, even though the aforementioned conflicting line was modified to
> what it is now in the fix commit, it is not related to the fix, ignore
> it.
>
> [Test]
> Tested via mount and umount gfs2.
>
> [Potential Regression]
> Expect no regression.
>
>
> Bob Peterson (1):
> gfs2: Don't deref jdesc in evict
>
> fs/gfs2/super.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
--
- Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230816/d9d84337/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230816/d9d84337/attachment-0001.sig>
More information about the kernel-team
mailing list