New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 888328 link

Starred by 1 user
Status: WontFix
Owner:
zsm@chromium.org
Closed: Sep 24
Cc:
wonderfly@chromium.org
sawlani@google.com
groeck@chromium.org
chromeos-kernel-security-bug-access@google.com
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug-Security



Sign in to add a comment

CVE-2018-14616 CrOS: Vulnerability reported in Linux kernel

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Sep 23 
VOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. 

Advisory: CVE-2018-14616
  Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2018-14616
  CVSS severity score: 7.1/10.0
  Description:

An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.



This bug was filed by http://go/vomit
Please contact us at vomit-team@google.com if you need any assistance.

Comment 1 by zsm@chromium.org, Sep 24

Cc: groeck@chromium.org sawlani@google.com wonderfly@chromium.org
Labels: Security_Severity-High Security_Impact-None Pri-1
Owner: zsm@chromium.org
Status: WontFix (was: Untriaged)
Upstream commit is 91291e9998("f2fs: fix to do sanity check with block address in main area v2")

Per the discussion on https://bugzilla.kernel.org/show_bug.cgi?id=200465, the fix might be incomplete as a similar bug exists with a different stacktrace.

CONFIG_F2FS_FS is not set, so marking as WontFix.

Will keep track of this bug in case the config flips in the future. Using configmonitor cronjob to monitor changes in kernel configs.

Sign in to add a comment