Re: [stable] [PATCH] stable - ext[234]: Avoid printk floods in the face of directory corruption (CVE-2008-3528)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eric Sandeen <sandeen@redhat.com>
To: Greg KH <greg@kroah.com>
Cc: stable@kernel.org, ext4 development <linux-ext4@vger.kernel.org>
Subject: Re: [stable] [PATCH] stable - ext[234]: Avoid printk floods in the face of directory corruption (CVE-2008-3528)
Date: Wed, 22 Oct 2008 11:21:08 -0500	[thread overview]
Message-ID: <48FF52F4.10702@redhat.com> (raw)
In-Reply-To: <20081022161433.GB29489@kroah.com>

Greg KH wrote:
> On Wed, Oct 22, 2008 at 10:11:52AM -0500, Eric Sandeen wrote:
>> This is a trivial backport of the following upstream commits:
>>
>> - bd39597cbd42a784105a04010100e27267481c67 (ext2)
>> - cdbf6dba28e8e6268c8420857696309470009fd9 (ext3)
>> - 9d9f177572d9e4eba0f2e18523b44f90dd51fe74 (ext4)
>>
>> This addresses CVE-2008-3528
>>
>> ext[234]: Avoid printk floods in the face of directory corruption
> 
> For what kernel releases is this applicable?  .27? .26? .25?  Earlier?

Sorry.. it is applicable to pretty much any kernel in the past :)  .27
certainly (that's what the patch is against), .26, .25.... yes.

It's not a particularly dangerous condition - you have to somehow get
the administrator to mount the filesystem before you can trigger the
"exploit" (which is a DoS, essentially) - so, I don't know if it's worth
porting back to the dawn of time...

Thanks,
-Eric

> thanks,
> 
> greg k-h

next prev parent reply	other threads:[~2008-10-22 16:21 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-10-22 15:11 [PATCH] stable - ext[234]: Avoid printk floods in the face of directory corruption (CVE-2008-3528) Eric Sandeen
2008-10-22 16:14 ` [stable] " Greg KH
2008-10-22 16:21   ` Eric Sandeen [this message]
2008-10-22 16:34     ` Greg KH
2008-10-22 17:35       ` Eric Sandeen
2008-10-22 17:37         ` Greg KH
2008-10-22 19:33           ` Eric Sandeen
2008-10-23 20:52 ` patch ext-avoid-printk-floods-in-the-face-of-directory-corruption.patch added to 2.6.27-stable tree gregkh
2008-10-23 21:04 ` patch ext-avoid-printk-floods-in-the-face-of-directory-corruption.patch added to 2.6.25-stable tree gregkh
2008-10-23 21:12 ` patch ext-avoid-printk-floods-in-the-face-of-directory-corruption.patch added to 2.6.26-stable tree gregkh

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=48FF52F4.10702@redhat.com \
    --to=sandeen@redhat.com \
    --cc=greg@kroah.com \
    --cc=linux-ext4@vger.kernel.org \
    --cc=stable@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.