APPLIED [OEM-5.17/OEM-6.0] Re: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2022-4842
Timo Aaltonen
tjaalton at ubuntu.com
Tue Jun 13 13:49:45 UTC 2023
Yuxuan Luo kirjoitti 9.6.2023 klo 21.00:
> [Impact]
> The bug occours due to a misuse of `attr` variable instead of `attr_b`. `attr`
> is being initialized as NULL, then being derenfernced as `attr->res.data_size`.
> This bug causes a crash of the ntfs3 driver itself, If compiled directly to the
> kernel, it crashes the whole system.
>
> [Backport]
> It is a clean cherry pick.
>
> [Test]
> Compile and smoke tested.
>
> [Potential Regression]
> Expect minimal regression potential restricted within the scope.
>
> Alon Zahavi (1):
> fs/ntfs3: Fix attr_punch_hole() null pointer derenference
>
> fs/ntfs3/attrib.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
applied to oem kernels, thanks
--
t
More information about the kernel-team
mailing list