oss-sec mailing list archives

CVE request: Linux kernel: xfs: _xfs_buf_find NULL pointer dereference

From: P J P <ppandit () redhat com>
Date: Tue, 5 Mar 2013 15:38:49 +0530 (IST)

  Hello,

Linux kernel built with support for XFS file system is vulnerable to a NULL
pointer dereference flaw. This occurs while accessing blocks beyond the end
of the file system, possibly on a corrupted device.

A user able to mount the file system could use this flaw to crash the kernel,resulting in DoS.


Upstream fix:
-------------
 -> https://git.kernel.org/linus/eb178619f930fa2ba2348de332a1ff1c66a31424

Reference:
----------
 -> https://bugzilla.redhat.com/show_bug.cgi?id=918009

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team
DB7A 84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B

Current thread:

CVE request: Linux kernel: xfs: _xfs_buf_find NULL pointer dereference P J P (Mar 05)
- Re: CVE request: Linux kernel: xfs: _xfs_buf_find NULL pointer dereference Kurt Seifried (Mar 05)