blob: 89808555ad0dfb03159902500db2f74ef68c1ab5 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: use-after-free in udf_put_super and udf_close_lvid functions in fs/udf/super.c
References:
https://lore.kernel.org/all/00000000000056e02f05dfb6e11a%40google.com/T/
https://syzkaller.appspot.com/bug?extid=60864ed35b1073540d57
https://syzkaller.appspot.com/bug?extid=61564e5023b7229ec85d
https://syzkaller.appspot.com/bug?extid=26873a72980f8fa8bc55
Notes:
carnil> There might be no upstream fix for it from upstream. As by
carnil> stated on the upstream thread about the issue: the reproducer
carnil> does modify the block device while the filesystem is mounted.
Bugs:
upstream: needed
6.1-upstream-stable: needed
5.10-upstream-stable: needed
4.19-upstream-stable: needed
sid: needed
6.1-bookworm-security: needed
5.10-bullseye-security: needed
4.19-buster-security: needed
|
