On Mon, May 14, 2018 at 01:27:13AM -0400, Khalid Elmously wrote: > From: Theodore Ts'o <tytso@xxxxxxx> > > CVE-2018-1092 > > If the root directory has an i_links_count of zero, then when the file > system is mounted, then when ext4_fill_super() notices the problem and > tries to call iput() the root directory in the error return path, > ext4_evict_inode() will try to free the inode on disk, before all of > the file system structures are set up, and this will result in an OOPS > caused by a NULL pointer dereference. > > This issue has been assigned CVE-2018-1092. > > https://bugzilla.kernel.org/show_bug.cgi?id=199179 > https://bugzilla.redhat.com/show_bug.cgi?id=1560777 > > Reported-by: Wen Xu <wen.xu@xxxxxxxxxx> > Signed-off-by: Theodore Ts'o <tytso@xxxxxxx> > Cc: stable@xxxxxxxxxxxxxxx > (cherry-picked from 8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44) > Signed-off-by: Khalid Elmously <khalid.elmously@xxxxxxxxxxxxx> > --- > fs/ext4/inode.c | 6 ++++++ > 1 file changed, 6 insertions(+) Any specific reason you sent a patch that is already included in all of the active stable trees, to the stable mailing list? And nice fuzzymail address :) greg k-h
