blob: f9bc8188c39eebeceea0f9bb26fdac8a1e3ffa92 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
Description: jfs: array-index-out-of-bounds in dbAdjTree
References:
https://lore.kernel.org/lkml/CAFcO6XN=cd=_K_2AY9OL7f+HWsazY-nJ81Ufrw4azvkjj-Mpng@mail.gmail.com/
https://www.openwall.com/lists/oss-security/2020/11/30/5
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c
Notes:
bwh> Based on the fix, this looks like it will be harmless in practice.
bwh> There are two arrays of different sizes aliased to each other
bwh> through a union, and the smaller array is used when the larger
bwh> should be. But the union will always be big enough to hold the
bwh> larger array.
Bugs:
upstream: needed
4.19-upstream-stable: needed
4.9-upstream-stable: needed
sid: needed
4.19-buster-security: needed
4.9-stretch-security: needed
|
