On Thu, Sep 03, 2015 at 04:48:49PM -0400, Charles (Chas) Williams wrote: > From: Jan Kara <jack@xxxxxxx> > > commit 23b133bdc452aa441fcb9b82cbf6dd05cfd342d0 upstream. > > Check length of extended attributes and allocation descriptors when > loading inodes from disk. Otherwise corrupted filesystems could confuse > the code and make the kernel oops. > > This fixes CVE-2015-4167. > > Reported-by: Carl Henrik Lunde <chlunde@xxxxxxxxxxx> > Signed-off-by: Jan Kara <jack@xxxxxxx> > Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> > [Use make_bad_inode() instead of branching due to older implementation.] > Signed-off-by: Chas Williams <3chas3@xxxxxxxxx> Thanks for this, now applied. greg k-h -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html