Re: [SECURITY] e2fsprogs v1.47.4 Vulnerabilities — Orphan File & Extent Handling

public inbox for linux-ext4@vger.kernel.org
 help / color / mirror / Atom feed

From: "Theodore Tso" <tytso@mit.edu>
To: 4fqr <4fqr@proton.me>
Cc: "linux-ext4@vger.kernel.org" <linux-ext4@vger.kernel.org>
Subject: Re: [SECURITY] e2fsprogs v1.47.4 Vulnerabilities — Orphan File & Extent Handling
Date: Fri, 3 Apr 2026 09:48:52 -0400	[thread overview]
Message-ID: <20260403134852.GE12260@macsyma-wired.lan> (raw)
In-Reply-To: <DJq7WqGAG9HBnpd-DVD5sVNGDUoSoP2sJ5RAXlucoYhtbqxJXFNUUfhFETwaDeDr6Q8a5xp0hVJb0yIt8EucI-F-PQ28zg8i0Y9HmF8qk5Q=@proton.me>

On Fri, Apr 03, 2026 at 11:29:55AM +0000, 4fqr wrote:
> 
> I'm disclosing three security vulnerabilities in e2fsprogs v1.47.4
> affecting orphan file inode processing and extent tree
> validation. This follows responsible disclosure notification to the
> maintainer (Theodore Ts'o).

You notified me 45 seconds before sending this e-mail to linux-ext4,
which is a public mailing list.  (For future reference, essentially
all lists @vger.kernel.org are public, with the contents available at
https://lore.kernel.org.)

> Patches and coordination discussion will follow once the maintainer
> has reviewed.

Coordination discussion is moot at this point, because you've already
made your findings public.  I'll review them in detail in the next few
days, but it does appear that we are missing some checks in the
orphan_file handling, which whether or not they are exploitable by a
malicious attacker, are real bugs that should be fixed.

Cheers,

					- Ted

next prev parent reply	other threads:[~2026-04-03 13:50 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-03 11:29 [SECURITY] e2fsprogs v1.47.4 Vulnerabilities — Orphan File & Extent Handling 4fqr
2026-04-03 13:48 ` Theodore Tso [this message]
2026-04-03 16:17 ` Andreas Dilger
2026-04-03 18:34   ` Theodore Tso
2026-04-03 23:11   ` Theodore Tso

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260403134852.GE12260@macsyma-wired.lan \
    --to=tytso@mit.edu \
    --cc=4fqr@proton.me \
    --cc=linux-ext4@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox