Re: Reg: logical volume file system is getting corrupted after multiple reboots.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, May 22, 2018 at 03:57:41PM +0530, RAJESH DASARI wrote:
> 
> Reason why i was upgrading because  there seems to be  some buffer
> overrun issues in the blkid library and in the fsck program of
> e2fsprogs. An attacker can use this to cause a denial of service and
> this issue is fixed from 1.44.0 onwards.

Can you be specific about which buffer overrun issues you are most
concerned about?

> I checked the git commit log and noticed that the below commit by ted
> will fix the buffer over run issue.
> https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=d8e5da0a3b94f7445ab8cdd629bfc561986e7501
>

This particular fix is for a really innocuous buffer overrun issue.
In the "attack" the user passes an insanely long file system type on
the command-line.  This can cause fsck to crash.  But since fsck isn't
setuid, it's really not a problem that can be exploited.  I applied
the fix because it's a bug, but it's not a security issue.

Also note that on most modern distribution, blkid and fsck are
provided by util-linux, and not by e2fsprogs.  I can't speak to your
system because I don't know what distribution you are running.


As far as the problem you are complainng about in e2fsprogs 1.44.x,
please supply (a) the full output of e2fsck which shows its complaint,
and (b) the full output of dumpe2fs on the file system.

Thanks,

					- Ted



[Index of Archives]     [Reiser Filesystem Development]     [Ceph FS]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite National Park]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]     [Linux Media]

  Powered by Linux