APPLIED[Bionic]: [SRU Focal, Bionic PATCH 0/2] CVE-2022-1184
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Wed Jun 21 18:52:23 UTC 2023
On Wed, 17 May 2023 19:12:26 +0300, Cengiz Can wrote:
> [Impact]
> A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the
> Linux kernel’s filesystem sub-component. This flaw allows a local attacker with
> a user privilege to cause a denial of service.
>
> [Fix]
> This was tricky. I had to dive deep into other vendors' bugzillas and irc
> channels to verify if the patches were enough.
>
> [...]
Applied, thanks!
[1/2] ext4: check if directory block is within i_size
commit: 7318510c9d9b81fcefd6d2336b00a9575b367edc
[2/2] ext4: fix check for block being out of directory size
commit: 312e1fc9abf64dac0c2b9aa90885715df7acabea
Best regards,
--
Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
More information about the kernel-team
mailing list