blob: 88654b765ae89df063c0ee023bacf33d169c163e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Description: Out-of-bounds read in f2fs
References:
https://source.android.com/security/bulletin/pixel/2019-09-01
https://android-review.googlesource.com/c/kernel/common/+/864649
Notes:
carnil> Not fully clear (to me) which specific commit is meant.
bwh> The CVE description mentions an "out-of bounds read", so the most
bwh> likely fix seemed to be commit 64beba0558fc "f2fs: sanity check of
bwh> xattr entry size". However that addresses CVE-2019-9245. The
bwh> other candidate I could see was commit 720db068634c "f2fs: check
bwh> if file namelen exceeds max value".
bwh> Apparently introduced in 3.8 when f2fs was added.
Bugs:
upstream: released (5.1-rc1) [720db068634c91553a8e1d9a0fcd8c7050e06d2b]
4.19-upstream-stable: released (4.19.97) [4124927e36b7753efb6faf1a508e2bc6783343cf]
4.9-upstream-stable: released (4.9.233) [7745e3c67b80865bd0bc0812fda9f6292c8dc2fb]
3.16-upstream-stable: ignored "f2fs is not supportable"
sid: released (5.2.6-1)
4.19-buster-security: released (4.19.98-1)
4.9-stretch-security: released (4.9.240-1)
3.16-jessie-security: ignored "f2fs is not supportable"
|