lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 11 Oct 2022 11:38:37 -0700
From:   Tadeusz Struk <tadeusz.struk@...aro.org>
To:     Theodore Ts'o <tytso@....edu>
Cc:     Andreas Dilger <adilger.kernel@...ger.ca>,
        linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org,
        stable@...r.kernel.org,
        syzbot+a22dc4b0744ac658ed9b@...kaller.appspotmail.com
Subject: Re: [PATCH] ext4: Add extend check to prevent BUG() in ext4_es_end

On 9/30/22 13:25, Tadeusz Struk wrote:
> Syzbot reported an issue with ext4 extents. The reproducer creates
> a corrupted ext4 fs image in memory, and mounts it as a loop device.
> It invokes the ext4_cache_extents() and ext4_find_extent(), which
> eventually triggers a BUG() in ext4_es_end() causing a kernel crash.
> It triggers on mainline, and every kernel version back to v4.14.
> Add a call ext4_ext_check_inode() in ext4_find_extent() to prevent
> the crash.
> 
> To: "Theodore Ts'o"<tytso@....edu>
> Cc: "Andreas Dilger"<adilger.kernel@...ger.ca>
> Cc:<linux-ext4@...r.kernel.org>
> Cc:<linux-kernel@...r.kernel.org>
> Cc:<stable@...r.kernel.org>
> 
> Link:https://syzkaller.appspot.com/bug?id=641e7a4b900015c5d7a729d6cc1fba7a928a88f9
> Reported-by:syzbot+a22dc4b0744ac658ed9b@...kaller.appspotmail.com
> Signed-off-by: Tadeusz Struk<tadeusz.struk@...aro.org>

Hi,
Any comments/feedback on this one?

-- 
Thanks,
Tadeusz

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ