Description: Out-of-bounds read in f2fs References: https://source.android.com/security/bulletin/pixel/2019-09-01 https://android-review.googlesource.com/c/kernel/common/+/864649 Notes: carnil> Not fully clear (to me) which specific commit is meant. bwh> The CVE description mentions an "out-of bounds read", so the most bwh> likely fix seemed to be commit 64beba0558fc "f2fs: sanity check of bwh> xattr entry size". However that addresses CVE-2019-9245. The bwh> other candidate I could see was commit 720db068634c "f2fs: check bwh> if file namelen exceeds max value". bwh> Apparently introduced in 3.8 when f2fs was added. Bugs: upstream: released (5.1-rc1) [720db068634c91553a8e1d9a0fcd8c7050e06d2b] 4.19-upstream-stable: released (4.19.97) [4124927e36b7753efb6faf1a508e2bc6783343cf] 4.9-upstream-stable: released (4.9.233) [7745e3c67b80865bd0bc0812fda9f6292c8dc2fb] 3.16-upstream-stable: ignored "f2fs is not supportable" sid: released (5.2.6-1) 4.19-buster-security: released (4.19.98-1) 4.9-stretch-security: released (4.9.240-1) 3.16-jessie-security: ignored "f2fs is not supportable"