[CVE-2011-4077] xfs_readlink memory corruption
Andy Whitcroft
apw at canonical.com
Mon Nov 21 16:50:52 UTC 2011

CVE-2011-4077

A flaw was found in the way the Linux kernel's XFS filesystem
implementation handled links with a pathname larger than
MAXPATHLEN. When the CONFIG_XFS_DEBUG configuration option was not
enabled when compiling the Linux kernel, an attacker able to mount
a malicious XFS image could use this flaw to crash the system,
or potentially, elevate his privileges on that system.

The fix for this issue has hit precise via upstream. Following this email
are 4 patches. The first for hardy; the second for lucid, lucid/fsl-imx51,
maverick, and maverick/ti-omap4; the third for natty and natty/ti-omap3;
and the last for oneiric. All of these are trivial backports from
the upstream commit differing only in how the errors are reported and
in context.

Proposing for hardy, lucid, lucid/fsl-imx51, maverick, maverick/ti-omap4,
natty, natty/ti-omap3, and oneiric.

-apw
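
The failure mode described in the advisory above, a length bound on a link target that is only enforced in debug builds, shown as an added user-space sketch; it is not the kernel's xfs_readlink code and not one of the four patches. `demo_inode`, `DEMO_ASSERT`, `DEMO_DEBUG`, `DEMO_EFSCORRUPTED` and the value given to `MAXPATHLEN` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAXPATHLEN 1024            /* name from the advisory; value assumed here */
#define DEMO_EFSCORRUPTED 117      /* hypothetical error code for this sketch */

/* Debug-only assertion: expands to nothing unless DEMO_DEBUG is defined,
 * so in an ordinary build it gives no protection at all. */
#ifdef DEMO_DEBUG
#include <assert.h>
#define DEMO_ASSERT(x) assert(x)
#else
#define DEMO_ASSERT(x) ((void)0)
#endif

/* Constructed stand-in for a symlink inode read from an untrusted image. */
struct demo_inode {
    long long   di_size;   /* length field taken from the image */
    const char *target;    /* stored link target bytes */
};

/* Weak pattern: the only bound on pathlen is the debug-only assertion. */
int demo_readlink_weak(const struct demo_inode *ip, char *link)
{
    long long pathlen = ip->di_size;
    DEMO_ASSERT(pathlen >= 0 && pathlen <= MAXPATHLEN);
    memcpy(link, ip->target, (size_t)pathlen);   /* overruns link if pathlen is too big */
    link[pathlen] = '\0';
    return 0;
}

/* Hardened pattern: the bound is enforced in every build and reported as an error. */
int demo_readlink_checked(const struct demo_inode *ip, char *link)
{
    long long pathlen = ip->di_size;
    if (pathlen < 0 || pathlen > MAXPATHLEN)
        return -DEMO_EFSCORRUPTED;               /* reject before touching link */
    memcpy(link, ip->target, (size_t)pathlen);
    link[pathlen] = '\0';
    return 0;
}

int main(void)
{
    char link[MAXPATHLEN + 1];
    struct demo_inode bad = { MAXPATHLEN + 4096LL, "x" };   /* constructed corrupt inode */
    printf("checked -> %d\n", demo_readlink_checked(&bad, link));
    return 0;
}
```

The caller's buffer is `MAXPATHLEN + 1` bytes, so any length field above `MAXPATHLEN` has to be rejected before the copy, whatever the build configuration.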