[SRU][J/N][PATCH 0/2] CVE-2024-50248
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Thu Jan 23 14:46:36 UTC 2025
[Impact]
ntfs3: Add bounds checking to mi_enum_attr()
Added bounds checking to make sure that every attr don't stray beyond
valid memory region.
[Fix]
Oracular: Fixed via upstream stable updates (bec0995dd88be2)
Noble: Cherry picked both the fix commit and a followup from mainline
Jammy: Backported both the fix commit and a followup from mainline
Focal: Not affected
[Test Case]
Compile and boot tested.
Stress tested a ntfs partition using stress-ng.
[Where problems could occur]
The fix affects the ntfs3 driver. An issue with this fix may lead to
filesystem instability when accessing or modifying NTFS formatted disks.
A normal user might experience data loss, inability to mount NTFS
partitions, or system hangs when performing fs operations.
Konstantin Komarov (1):
fs/ntfs3: Sequential field availability check in mi_enum_attr()
lei lu (1):
ntfs3: Add bounds checking to mi_enum_attr()
fs/ntfs3/record.c | 25 ++++++++++++-------------
1 file changed, 12 insertions(+), 13 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list