oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: Linux kernel: xfs: _xfs_buf_find NULL pointer dereference

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 05 Mar 2013 03:36:29 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/05/2013 03:08 AM, P J P wrote:

Hello,

Linux kernel built with support for XFS file system is vulnerable
to a NULL pointer dereference flaw. This occurs while accessing
blocks beyond the end of the file system, possibly on a corrupted
device.

A user able to mount the file system could use this flaw to crash
the kernel, resulting in DoS.

Upstream fix: ------------- ->
https://git.kernel.org/linus/eb178619f930fa2ba2348de332a1ff1c66a31424

 Reference: ---------- ->
https://bugzilla.redhat.com/show_bug.cgi?id=918009

Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A
84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B


Please use CVE-2013-1819 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRNcqsAAoJEBYNRVNeJnmTNWAP/iVgzKLALr90GoEczhWQXMWt
xFE/DyzNpjR1qm3S3gPJ2MUozGYX4UgF6+68F3dpJJY85woXY0k40rdK8KPctlfE
5dVHOeSAVxvEV0SfEK0rT6+L1KD5rCjnoOR1l2QyCYX2Qww04PLOIN/uZlJeEklY
BjdZ6JueSQfyJNaCBpDyURwpY1GNk69TpHJ9+NHcOJ/BmsspVcMN5aOd4XN94U8M
0D3s5mWj8hBsoPLFziNanFbJJNHZx6PrJoQyNwr6XOoGD3AwlhIUgVtHERMyxGxF
wh3d1GdSqWhjPvrFr1DlQD0Pi4h5Pgp0YwOetREpjzPaWzkIinvNTZwHmGTHGNVL
2U36DFi/N67xqZgZ+isRdIl1LsEuLueUJlZB813iYbG1mRQpCyZ/5nX5uliwqAlX
mO7mg1Nj1mgvjFrb7M8wRU9tW1es364u6Rproa7qx2BATrfvqZMUPFDW3xGBVTqA
fqIpgLjvYq+DXTJPGAPN1R9sP3kFtoudh1UzYeoTu20cEJhpThSoRLsHQWTZFaOB
RW5QVs0MQphxRvGjCL/DsLRad6Ofv7C18NUpeOE6E4rYX7OzfUDEiQcfD5P++PkZ
1U46TLXlfZlSFv6Ba/OzDrRuKJrY3VHBe7voIb/0iyfTEyundsGlvSd/o8afSvs3
Kml2h0N0OZMp2C/WXIs8
=8keL
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: