blob: 77319caf36b00b0a66ff36c37735b010317ba0cf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
Description: fuse: fix live lock in fuse_iget()
References:
Notes:
carnil> Commit fixes 5d069dbe8aaf ("fuse: fix bad inode") which is only
carnil> present in 5.4.88, 5.10.6 and 5.11-rc1 so might not affect
carnil> older versions.
bwh> Commit 5d069dbe8aaf "fuse: fix bad inode" fixed another DoS issue,
bwh> so we'll need to backport both of them.
carnil> The 5d069dbe8aaf "fuse: fix bad inode" is CVE-2020-36322.
Bugs:
upstream: released (5.12-rc4) [775c5033a0d164622d9d10dd0f0a5531639ed3ed]
5.10-upstream-stable: released (5.10.25) [d955f13ea2120269319d6133d0dd82b66d1eeca3]
4.19-upstream-stable: needed
4.9-upstream-stable: needed
sid: released (5.10.24-1) [bugfix/all/fuse-fix-live-lock-in-fuse_iget.patch]
5.10-bullseye-security: N/A "Fixed before branching point"
4.19-buster-security: needed
4.9-stretch-security: released (4.9.272-1) [bugfix/all/fuse-fix-live-lock-in-fuse_iget.patch]
|
