Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit b5bbcbf8 authored by Theodore Ts'o's avatar Theodore Ts'o Committed by Gerrit - the friendly Code Review server
Browse files

ext4: only look at the bg_flags field if it is valid 

commit 8844618d8aa7a9973e7b527d038a2a589665002c upstream.

The bg_flags field in the block group descripts is only valid if the
uninit_bg or metadata_csum feature is enabled.  We were not
consistently looking at this field; fix this.

Also block group #0 must never have uninitialized allocation bitmaps,
or need to be zeroed, since that's where the root inode, and other
special inodes are set up.  Check for these conditions and mark the
file system as corrupted if they are detected.

This addresses CVE-2018-10876.

https://bugzilla.kernel.org/show_bug.cgi?id=199403



Bug: 116406122
Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Change-Id: Ib11b9763377136af09403b23d80f3d9b5ca52a96
Git-repo: https://android.googlesource.com/kernel/msm


Git-commit: f84c8cdd6b5d4247e1bca3f2a11a3e3984315fa4
Signed-off-by: default avatarSrinivasa Rao Kuppala <srkupp@codeaurora.org>
parent dd1ccc39
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment