[kernel] r14811 - in dists/lenny/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Thu Dec 24 08:18:22 UTC 2009
Author: dannf
Date: Thu Dec 24 08:18:19 2009
New Revision: 14811
Log:
ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
(CVE-2009-4308)
Added:
dists/lenny/linux-2.6/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch
Modified:
dists/lenny/linux-2.6/debian/changelog
dists/lenny/linux-2.6/debian/patches/series/21
Modified: dists/lenny/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny/linux-2.6/debian/changelog Thu Dec 24 07:28:09 2009 (r14810)
+++ dists/lenny/linux-2.6/debian/changelog Thu Dec 24 08:18:19 2009 (r14811)
@@ -36,6 +36,8 @@
* KVM: x86 emulator: limit instructions to 15 bytes (CVE-2009-4031)
* firewire: ohci: handle receive packets with a data length of zero
(CVE-2009-4138)
+ * ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
+ (CVE-2009-4308)
-- Ben Hutchings <ben at decadent.org.uk> Sat, 24 Oct 2009 23:45:45 +0100
Added: dists/lenny/linux-2.6/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/lenny/linux-2.6/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch Thu Dec 24 08:18:19 2009 (r14811)
@@ -0,0 +1,26 @@
+commit 78f1ddbb498283c2445c11b0dfa666424c301803
+Author: Theodore Ts'o <tytso at mit.edu>
+Date: Mon Jul 27 23:09:47 2009 -0400
+
+ ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
+
+ We need to check to make sure a journal is present before checking the
+ journal flags in ext4_decode_error().
+
+ Signed-off-by: Eric Sesterhenn <eric.sesterhenn at lsexperts.de>
+ Signed-off-by: "Theodore Ts'o" <tytso at mit.edu>
+
+diff --git a/fs/ext4/super.c b/fs/ext4/super.c
+index 8f4f079..fe3f376 100644
+--- a/fs/ext4/super.c
++++ b/fs/ext4/super.c
+@@ -344,7 +344,8 @@ static const char *ext4_decode_error(struct super_block *sb, int errno,
+ errstr = "Out of memory";
+ break;
+ case -EROFS:
+- if (!sb || EXT4_SB(sb)->s_journal->j_flags & JBD2_ABORT)
++ if (!sb || (EXT4_SB(sb)->s_journal &&
++ EXT4_SB(sb)->s_journal->j_flags & JBD2_ABORT))
+ errstr = "Journal has aborted";
+ else
+ errstr = "Readonly filesystem";
Modified: dists/lenny/linux-2.6/debian/patches/series/21
==============================================================================
--- dists/lenny/linux-2.6/debian/patches/series/21 Thu Dec 24 07:28:09 2009 (r14810)
+++ dists/lenny/linux-2.6/debian/patches/series/21 Thu Dec 24 08:18:19 2009 (r14811)
@@ -40,3 +40,4 @@
+ bugfix/all/hfs-fix-a-potential-buffer-overflow.patch
+ bugfix/x86/kvm-limit-instructions-to-15-bytes.patch
+ bugfix/all/firewire-ohci-handle-receive-packets-with-a-data-length-of-zero.patch
++ bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch
More information about the Kernel-svn-changes
mailing list