ACK: [SRU][J/N][PATCH 0/2] CVE-2024-50248
Tim Whisonant
tim.whisonant at canonical.com
Sat Feb 8 00:38:38 UTC 2025
On Thu, Jan 23, 2025 at 03:46:36PM +0100, Massimiliano Pellizzer wrote:
> [Impact]
>
> ntfs3: Add bounds checking to mi_enum_attr()
>
> Added bounds checking to make sure that every attr don't stray beyond
> valid memory region.
>
> [Fix]
>
> Oracular: Fixed via upstream stable updates (bec0995dd88be2)
> Noble: Cherry picked both the fix commit and a followup from mainline
> Jammy: Backported both the fix commit and a followup from mainline
> Focal: Not affected
>
> [Test Case]
>
> Compile and boot tested.
> Stress tested a ntfs partition using stress-ng.
>
> [Where problems could occur]
>
> The fix affects the ntfs3 driver. An issue with this fix may lead to
> filesystem instability when accessing or modifying NTFS formatted disks.
> A normal user might experience data loss, inability to mount NTFS
> partitions, or system hangs when performing fs operations.
>
> Konstantin Komarov (1):
> fs/ntfs3: Sequential field availability check in mi_enum_attr()
>
> lei lu (1):
> ntfs3: Add bounds checking to mi_enum_attr()
>
> fs/ntfs3/record.c | 25 ++++++++++++-------------
> 1 file changed, 12 insertions(+), 13 deletions(-)
>
> --
> 2.43.0
>
Acked-by: Tim Whisonant <tim.whisonant at canonical.com>
More information about the kernel-team
mailing list