From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.linuxfoundation.org ([140.211.169.12]:46767 "EHLO
	mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S964892AbbI2ONY (ORCPT
	<rfc822;stable@vger.kernel.org>); Tue, 29 Sep 2015 10:13:24 -0400
Date: Tue, 29 Sep 2015 16:13:21 +0200
From: Greg KH <greg@kroah.com>
To: "Charles (Chas) Williams" <3chas3@gmail.com>
Cc: stable@vger.kernel.org
Subject: Re: [PATCH 3.14] udf: Check length of extended attributes and
 allocation descriptors
Message-ID: <20150929141321.GE24418@kroah.com>
References: <1441313329.2546.38.camel@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1441313329.2546.38.camel@gmail.com>
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>

On Thu, Sep 03, 2015 at 04:48:49PM -0400, Charles (Chas) Williams wrote:
> From: Jan Kara <jack@suse.cz>
> 
> commit 23b133bdc452aa441fcb9b82cbf6dd05cfd342d0 upstream.
> 
> Check length of extended attributes and allocation descriptors when
> loading inodes from disk. Otherwise corrupted filesystems could confuse
> the code and make the kernel oops.
> 
> This fixes CVE-2015-4167.
> 
> Reported-by: Carl Henrik Lunde <chlunde@ping.uio.no>
> Signed-off-by: Jan Kara <jack@suse.cz>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> [Use make_bad_inode() instead of branching due to older implementation.]
> Signed-off-by: Chas Williams <3chas3@gmail.com>

Thanks for this, now applied.

greg k-h