Description: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image
References:
Notes:
 bwh> This is related to metadata checksums, which were added to ext4 in
 bwh> Linux 3.5.
 carnil> Additionally 18db4b4e6fc31eda838dd1c1296d67dbcb3dc957 ("ext4:
 carnil> don't allow r/w mounts if metadata blocks overlap the
 carnil> superblock") might need to be applied:
 carnil> https://bugzilla.kernel.org/show_bug.cgi?id=199183#c4
 carnil> but not strictly needed for the security fix.
 carnil> According to Ben's triage a similar issue is affecting 4.9 but
 carnil> but the issue reported for CVE-2018-1094 does not apply to 4.9.
Bugs:
 https://bugzilla.kernel.org/show_bug.cgi?id=199183
upstream: released (4.17-rc1) [a45403b51582a87872927a3e0fc0a389c26867f1]
4.9-upstream-stable: N/A "Vulnerable code not present"
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.15.17-1) [bugfix/all/ext4-always-initialize-the-crc32c-checksum-driver.patch]
4.9-stretch-security: N/A "Vulnerable code not present"
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"