Issue 888317

Starred by 1 user

Issue metadata

Status: WontFix
Owner:
Closed: Sep 24
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug-Security



CVE-2018-10879 CrOS: Vulnerability reported in Linux kernel

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Sep 23

Issue description

VOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. 

Advisory: CVE-2018-10879
  Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2018-10879
  CVSS severity score: 6.1/10.0
  Description:

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.



This bug was filed by http://go/vomit
Please contact us at vomit-team@google.com if you need any assistance.

 
Cc: groeck@chromium.org wonderfly@google.com
Labels: Security_Severity-Medium Security_Impact-Stable Pri-2
Owner: zsm@chromium.org
Status: Assigned (was: Untriaged)
Upstream commits are:
5369a762c88 ("ext4: add corruption check in ext4_xattr_set_entry()")
513f86d7385 ("ext4: always verify the magic number in xattr blocks")

These commits are present in v4.14, v4.4. Older kernels do not have these commits.

Let's not touch kernels older than 4.4 with ext4 changes unless the fixes are also in upstream v3.18.y or apply cleanly. Changes compared to older kernels are so substantial that trying to backport patches to chromeos-3.18 and older is more risky than living with the problem.

#2: Sounds good, thanks. For <= v3.18 I'll apply patches that either apply cleanly or are in upstream stable.
Cc: sawlani@google.com
Status: WontFix (was: Assigned)
These patches cause conflicts when applying to 3.18; backports are not present in 3.18.y. Marking as WontFix as the differences in ext4 between 3.18 and upstream are substantial.