blob: 05f962c17c02e0cd743c209a587985379ca86e8f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: jfs: array-index-out-of-bounds in dbAdjTree
References:
https://lore.kernel.org/lkml/CAFcO6XN=cd=_K_2AY9OL7f+HWsazY-nJ81Ufrw4azvkjj-Mpng@mail.gmail.com/
https://www.openwall.com/lists/oss-security/2020/11/30/5
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c
Notes:
bwh> Based on the fix, this looks like it will be harmless in practice.
bwh> There are two arrays of different sizes aliased to each other
bwh> through a union, and the smaller array is used when the larger
bwh> should be. But the union will always be big enough to hold the
bwh> larger array.
Bugs:
upstream: released (5.11-rc1) [c61b3e4839007668360ed8b87d7da96d2e59fc6c]
5.10-upstream-stable: released (5.10.4) [c2032bf94ba4fb15db0c277614338d377fe430d2]
4.19-upstream-stable: released (4.19.164) [c7e31b2fecfe0ebd5bd6a8274b2fbfb9c9401738]
4.9-upstream-stable: released (4.9.249) [2c7c903caef18d45bac879557861656aa30b8933]
sid: released (5.10.4-1)
4.19-buster-security: released (4.19.171-1)
4.9-stretch-security: released (4.9.258-1)
|
