oss-sec mailing list archives
Re: a number of CVEs for issues in the filesystem's code in the Linux kernel
From: Vladis Dronov <vdronov () redhat com>
Date: Fri, 20 Apr 2018 05:30:39 -0400 (EDT)
Hello, It appeared that there is another reproducer for CVE-2018-1092 ("kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image") which possibly affects a wider range of systems (than a previous one): https://bugzilla.kernel.org/show_bug.cgi?id=199275 It was verified that a crash caused by this reproducer (88.img) is fixed by the same upstream commit 8e4b5eae5decd. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Current thread:
- Re: a number of CVEs for issues in the filesystem's code in the Linux kernel Vladis Dronov (Apr 20)