CVE-2018-10880 CrOS: Vulnerability reported in Linux kernel
Issue description

VOMIT (go/vomit) has received an external vulnerability report for the Linux kernel.

Advisory: CVE-2018-10880
Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2018-10880
CVSS severity score: 7.1/10.0

Description: Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.

This bug was filed by http://go/vomit
Please contact us at vomit-team@google.com if you need any assistance.
Sep 24
Sep 24
#1: Upstream commit is 8cdb5240ec5("ext4: never move the system.data xattr out of the inode body").
Sep 25
Sep 26
Matching bug in buganizer: https://buganizer.corp.google.com/issues/116406043
Sep 26
Sep 26
coral-pre-cq https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934301732863941312
bob-pre-cq https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934301730232971248
kevin-pre-cq https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934301727595450768
coral-paladin-tryjob https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934301724990297648
bob-paladin-tryjob https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934301722076158320
kevin-paladin-tryjob https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934301719513419696
Sep 28
Another run of tryjobs seems to have passed.
coral-pre-cq https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934203647678561232
bob-pre-cq https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934203644694005632
kevin-pre-cq https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934203641645359968
coral-paladin-tryjob https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934203638822483984
bob-paladin-tryjob https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934203635737707936
kevin-paladin-tryjob https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8934203632076132816
Coral paladin tryjob seems to have failed (testlabfailure), others have passed. I'll send a backport for 4.4.y.
Sep 28
patch sent to upstream stable, attached.
Oct 2
patch is now in stable queue.
Oct 15
Patch is now in 4.4.y and v4.4.
Oct 16
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by zsm@chromium.org, Sep 24
Labels: Security_Severity-High Security_Impact-Stable Pri-1
Owner: zsm@chromium.org
Status: Assigned (was: Untriaged)
Upstream commit is 8a9ef17c0dc93("ext4: never move the system.data xattr out of the inode body"). This commit is present in v4.14. Older kernels (including v4.4) do not seem to have this commit.