| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Jun 2011 00:14:54 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: Paul Gortmaker <paul.gortmaker@...driver.com>
Cc: stable@...nel.org, linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
stable-review@...nel.org, Timo Warns <warns@...-sense.de>
Subject: Re: [Stable-review] [34-longterm 224/247] fs/partitions/ldm.c: fix
oops caused by corrupted partition table
On Thu, 2011-06-23 at 13:34 -0400, Paul Gortmaker wrote:
> From: Timo Warns <Warns@...-sense.de>
>
> -------------------
> This is a commit scheduled for the next v2.6.34 longterm release.
> If you see a problem with using this for longterm, please comment.
> -------------------
>
> commit c340b1d640001c8c9ecff74f68fd90422ae2448a upstream.
>
> The kernel automatically evaluates partition tables of storage devices.
> The code for evaluating LDM partitions (in fs/partitions/ldm.c) contains
> a bug that causes a kernel oops on certain corrupted LDM partitions.
> A kernel subsystem seems to crash, because, after the oops, the kernel no
> longer recognizes newly connected storage devices.
>
> The patch validates the value of vblk_size.
[...]
This doesn't completely fix the possibility of a buffer overflow. You
also need commit cae13fe4cc3f24820ffb990c09110626837e85d4.
Ben.
--
Ben Hutchings
The two most common things in the universe are hydrogen and stupidity.
Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)
Powered by blists - more mailing lists