blob: c5dcf6ff42f005b796034f2c25c23220ce1efd92 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Description: ext4: crafted image causes heap OOB write in ext4_xattr_set_entry
References:
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19319
Notes:
bwh> The fix is unknown but the PoC is reported to fail on 5.3.11 and 5.4.0.
carnil> Introduced in dec214d00e0d ("ext4: xattr inode deduplication")
carnil> in 4.13-rc1? Cf.
carnil> https://bugzilla.suse.com/show_bug.cgi?id=1158021#c2
Bugs:
upstream: released (5.4)
4.19-upstream-stable:
4.9-upstream-stable:
3.16-upstream-stable:
sid: released (5.3.15-1)
4.19-buster-security:
4.9-stretch-security:
3.16-jessie-security:
|
