Description: Out of bounds read in ext4/balloc.c:ext4_valid_block_bitmap() causes crash with crafted ext4 image
References:
Notes:
 carnil> Ben noticed that the fix is not correct in Message-ID:
 carnil> <30c688b5783a5779811ce68893b7001390b9e200.camel@decadent.org.uk>
 carnil> and fix needs a followup.
 carnil> Caused other regressions:
 carnil> https://marc.info/?l=linux-ext4&m=152416385122029&w=2
 bwh> Regressions should be fixed by commit 22be37acce25 "ext4: fix bitmap
 bwh> position validation".
Bugs:
 https://bugzilla.kernel.org/show_bug.cgi?id=199181
upstream: released (4.17-rc1) [7dac4a1726a9c64a517d595c40e95e2d0d135f6f]
4.9-upstream-stable: released (4.9.98) [76964816c83d3e4e8a6a393777b30f22a6f9cd51, 1fd7c778ebf0f74e0aadcdf112800736cfdbca00]
3.16-upstream-stable: released (3.16.57) [91a9c8e8ac7da66d7159fd758464808d2a1c979a, 73cc97df78e4fbc22a34b0eeedbaaf30b47d7ee5]
3.2-upstream-stable: released (3.2.102) [f278235ce148485cdb9dc990673943addafbd577, 02a37ffd681be59775c9f13686e20621f7097f7e]
sid: released (4.15.17-1) [bugfix/all/ext4-add-validity-checks-for-bitmap-block-numbers.patch]
4.9-stretch-security: released (4.9.88-1) [bugfix/all/ext4-add-validity-checks-for-bitmap-block-numbers.patch, bugfix/all/ext4-fix-bitmap-position-validation.patch]
3.16-jessie-security: released (3.16.57-1)
3.2-wheezy-security: released (3.2.102-1)