Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 703884a1dfb7844c3ba9899132bbab73d2e4240c
commit703884a1dfb7844c3ba9899132bbab73d2e4240c[log] [tgz]
authorStian Skjelstad <stian.skjelstad@gmail.com>Sun Aug 22 11:33:32 2021 +0200
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Wed Sep 22 11:42:59 2021 +0200
tree1c0757a83c0afd138db301b5c59504edef723005
parent8b595c4a40a90cc79dca03f320c02a833d359333 [diff]
udf_get_extendedattr() had no boundary checks.

[ Upstream commit 58bc6d1be2f3b0ceecb6027dfa17513ec6aa2abb ]

When parsing the ExtendedAttr data, malicous or corrupt attribute length
could cause kernel hangs and buffer overruns in some special cases.

Link: https://lore.kernel.org/r/20210822093332.25234-1-stian.skjelstad@gmail.com
Signed-off-by: Stian Skjelstad <stian.skjelstad@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Sasha Levin <sashal@kernel.org>
1 file changed
tree: 1c0757a83c0afd138db301b5c59504edef723005
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README
  35. REPORTING-BUGS