lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 24 Apr 2024 13:11:13 +0300
From: Roman Smirnov <r.smirnov@....ru>
To: <stable@...r.kernel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Konstantin Komarov <almaz.alexandrovich@...agon-software.com>
CC: Roman Smirnov <r.smirnov@....ru>, <ntfs3@...ts.linux.dev>,
	<linux-kernel@...r.kernel.org>, Sergey Shtylyov <s.shtylyov@....ru>,
	<lvc-project@...uxtesting.org>
Subject: [PATCH 6.1 0/1] fs: ntfs3: fix UBSAN: shift-out-of-bounds in ntfs_fill_super()

Syzkaller reports out of bounds on shift in ntfs_init_from_boot(). The problem
was fixed in upstream with patch 91a4b1ee78cb100b19b70f077c247f211110348f.
This can be fixed in branch 6.1 with the following patch.

Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Link: https://syzkaller.appspot.com/bug?extid=010986becd65dbf9464b

Konstantin Komarov (1):
  fs/ntfs3: Fix shift-out-of-bounds in ntfs_fill_super

 fs/ntfs3/ntfs_fs.h |  2 ++
 fs/ntfs3/super.c   | 50 +++++++++++++++++++++++++++++-----------------
 2 files changed, 34 insertions(+), 18 deletions(-)

-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ