commit | 87dad44faabd45683fba94443471298f8809e8a8 | [log] [tgz] |
---|---|---|
author | Theodore Ts'o <tytso@mit.edu> | Thu Jun 14 12:55:10 2018 -0400 |
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | Wed Jul 11 16:26:44 2018 +0200 |
tree | 0f1b75e15c9399e0bf93f5f4e9006d49926d7f6b | |
parent | 5ae57329580d6ceca97559ff030a5f0e91fa66fe [diff] |
ext4: verify the depth of extent tree in ext4_find_extent() commit bc890a60247171294acc0bd67d211fa4b88d40ba upstream. If there is a corupted file system where the claimed depth of the extent tree is -1, this can cause a massive buffer overrun leading to sadness. This addresses CVE-2018-10877. https://bugzilla.kernel.org/show_bug.cgi?id=199417 Signed-off-by: Theodore Ts'o <tytso@mit.edu> Cc: stable@kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>