[CVE-2012-4508] ext4: race-condition protection for ext4_convert_unwritten_extents_endio
Luis Henriques
luis.henriques at canonical.com
Wed Jan 16 16:45:26 UTC 2013
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16
allows local users to obtain sensitive information from a deleted file by
reading an extent that was not properly marked as uninitialized.
Following this email there are two patches that fix this issue for
Oneiric:
* "ext4: quiet 'unused variables' compile warnings"
Strictly speaking, this commit isn't actually required -- it just cleans
up an unused variable. The reason to include this patch is that it
makes the application of the second commit cleaner. This is a clean
cherry-pick from mainline 9331b6261058eb85ae7c57ab8ac279e7fdaa9f04.
* "ext4: race-condition protection for ext4_convert_unwritten_extents_endio"
This is the actual fix for this CVE and it is a backport of commit
dee1f973ca341c266229faa5a1a5bb268bed3531 from mainline.
These patches have been tested on kvm using xfstests and no regressions
were found.
Dmitry Monakhov (1):
ext4: race-condition protection for
ext4_convert_unwritten_extents_endio
Yongqiang Yang (1):
ext4: quiet 'unused variables' compile warnings
fs/ext4/extents.c | 59 +++++++++++++++++++++++++++++++++++++++++++------------
fs/ext4/mballoc.c | 2 --
2 files changed, 46 insertions(+), 15 deletions(-)
--
1.8.0
More information about the kernel-team
mailing list