| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <cover.1763999341.git.hsukrut3@gmail.com>
Date: Tue, 25 Nov 2025 16:33:26 +0530
From: Sukrut Heroorkar <hsukrut3@...il.com>
To: Jan Kara <jack@...e.com>,
linux-kernel@...r.kernel.org (open list)
Cc: shuah@...nel.org,
david.hunter.linux@...il.com,
Sukrut Heroorkar <hsukrut3@...il.com>
Subject: [PATCH 6.1.y 0/2] udf: backport udf_rename fixes to verify link-count
This series backports two upstream commits needed to fix a udf_rename
crash reported by syzbot.
https://syzkaller.appspot.com/bug?extid=72f20dcde8dd7e4a788a
Patch 1: brings in the prerequisite restructuring of udf_rename from
upstream commit 9d35cebb794b ("udf_rename(): only access the child content
on cross-directory rename"). This commit introduces is_dir that the later
fix depends upon.
Patch 2: backports upstream commit 6756af923e06 ("udf: Verify inode link
counts before performing rename"), which adds the link-count verifications.
Both the patches apply cleanly to v6.1.y and this upstream fix is already
backported to v6.12.y with commit id 0a65d850c45d and, to v6.6.y with commit id
b41d73055284.
The reproducer from syzbot no longer triggers issue with this series
applied. The patch containing diffs, combined from both the commit was
tested by syzbot and it triggers no issue. The kernel also builds &
boots on a native x86_64 machine with this fix applied.
Al Viro (1):
udf_rename(): only access the child content on cross-directory rename
Jan Kara (1):
udf: Verify inode link counts before performing rename
fs/udf/namei.c | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
--
2.43.0
Powered by blists - more mailing lists