From 7323f585f123797084f5f8df6a14bdf506fcb4e1 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 20 Oct 2018 21:06:54 +0200 Subject: Retire CVE-2018-10883 Fix now complete as well for 4.9-upstream-stable and no further tracking action is needed. --- retired/CVE-2018-10883 | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 retired/CVE-2018-10883 (limited to 'retired/CVE-2018-10883') diff --git a/retired/CVE-2018-10883 b/retired/CVE-2018-10883 new file mode 100644 index 00000000..9b78822e --- /dev/null +++ b/retired/CVE-2018-10883 @@ -0,0 +1,16 @@ +Description: stack-out-of-bounds write in jbd2_journal_dirty_metadata() +References: + https://bugzilla.kernel.org/show_bug.cgi?id=200071 + https://patchwork.ozlabs.org/patch/930638/ + https://patchwork.ozlabs.org/patch/930641/ +Notes: + carnil> Upstream 4.9.x series did only contain the first part in + carnil> 4.9.112. The backport of 8bc1379b82b8 is requested via + carnil> <20181011185142.104586-2-fengc@google.com> . +Bugs: +upstream: released (4.18-rc4) [e09463f220ca9a1a1ecfda84fcda658f99a1f12a, 8bc1379b82b8e809eef77a9fedbb75c6c297be19] +4.9-upstream-stable: released (4.9.112) [8ef97ef67ce0f8fc3d32c7218e6b412e479ee2ab], (4.9.135) [7dd55897f23c4e3e3a864c5c72722f7e412138e9] +3.16-upstream-stable: released (3.16.58) [jbd2-don-t-mark-block-as-modified-if-the-handle-is-out-of-credits.patch, ext4-avoid-running-out-of-journal-credits-when-appending-to-an.patch] +sid: released (4.17.3-1) [bugfix/all/jbd2-don-t-mark-block-as-modified-if-the-handle-is-o.patch, bugfix/all/ext4-avoid-running-out-of-journal-credits-when-appen.patch] +4.9-stretch-security: released (4.9.110-1) [bugfix/all/jbd2-don-t-mark-block-as-modified-if-the-handle-is-o.patch, bugfix/all/ext4-avoid-running-out-of-journal-credits-when-appen.patch] +3.16-jessie-security: released (3.16.59-1) -- cgit v1.2.3