blob: 6d62a9c46ea6ddacd01dc08dc733af1cde50cbcf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: vfs: fs_context: fix up param length parsing in legacy_parse_param
References:
https://www.openwall.com/lists/oss-security/2022/01/18/7
https://www.openwall.com/lists/oss-security/2022/01/25/14
https://twitter.com/cor_ctf/status/1486022971034529794
https://github.com/Crusaders-of-Rust/CVE-2022-0185
https://www.willsroot.io/2022/01/cve-2022-0185.html
Notes:
carnil> Introduced with 3e1aeb00e6d1 ("vfs: Implement a filesystem
carnil> superblock creation/configuration context") in 5.1-rc1.
Bugs:
upstream: released (5.17-rc1) [722d94847de29310e8aa03fcbdb41fc92c521756]
5.10-upstream-stable: released (5.10.93) [eadde287a62e66b2f9e62d007c59a8f50d4b8413]
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.15.15-1) [bugfix/all/vfs-fs_context-fix-up-param-length-parsing-in-legacy.patch]
5.10-bullseye-security: released (5.10.92-1) [bugfix/all/vfs-fs_context-fix-up-param-length-parsing-in-legacy.patch]
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"
|