[SRU,Jammy-OEM-5.17,0/2] CVE-2023-2513

Message ID	20230807200133.48993-1-yuxuan.luo@canonical.com
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Yuxuan Luo <yuxuan.luo@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [SRU][Jammy-OEM-5.17][PATCH 0/2] CVE-2023-2513 Date: Mon, 7 Aug 2023 16:01:31 -0400 Message-Id: <20230807200133.48993-1-yuxuan.luo@canonical.com> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	CVE-2023-2513 \| expand [SRU,Jammy-OEM-5.17,0/2] CVE-2023-2513 [SRU,Jammy-OEM-5.17,1/2] ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h [SRU,Jammy-OEM-5.17,2/2] ext4: fix use-after-free in ext4_xattr_set_entry

Message ID

20230807200133.48993-1-yuxuan.luo@canonical.com

Headers

From: Yuxuan Luo <yuxuan.luo@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][Jammy-OEM-5.17][PATCH 0/2] CVE-2023-2513
Date: Mon,  7 Aug 2023 16:01:31 -0400
Message-Id: <20230807200133.48993-1-yuxuan.luo@canonical.com>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

Series

CVE-2023-2513 | expand

Message

Yuxuan Luo Aug. 7, 2023, 8:01 p.m. UTC

[Impact]
Under certain use case, ext4 file system will miscalculate memory size,
resulting in allowing use-after-free to happen.

[Backport]
These are two clean cherry picks.

[Test]
Compile and boot tested.

[Potential Regression]
Expecting minimal regression potential.

Baokun Li (2):
  ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
  ext4: fix use-after-free in ext4_xattr_set_entry

 fs/ext4/xattr.c |  7 ++++---
 fs/ext4/xattr.h | 13 +++++++++++++
 2 files changed, 17 insertions(+), 3 deletions(-)

Comments

Tim Gardner Aug. 8, 2023, 3:36 p.m. UTC | #1

On 8/7/23 2:01 PM, Yuxuan Luo wrote:
> [Impact]
> Under certain use case, ext4 file system will miscalculate memory size,
> resulting in allowing use-after-free to happen.
> 
> [Backport]
> These are two clean cherry picks.
> 
> [Test]
> Compile and boot tested.
> 
> [Potential Regression]
> Expecting minimal regression potential.
> 
> Baokun Li (2):
>    ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
>    ext4: fix use-after-free in ext4_xattr_set_entry
> 
>   fs/ext4/xattr.c |  7 ++++---
>   fs/ext4/xattr.h | 13 +++++++++++++
>   2 files changed, 17 insertions(+), 3 deletions(-)
> 
Acked-by: Tim Gardner <tim.gardner@canonical.com>

Timo Aaltonen Aug. 11, 2023, 9:37 a.m. UTC | #2

Yuxuan Luo kirjoitti 7.8.2023 klo 23.01:
> [Impact]
> Under certain use case, ext4 file system will miscalculate memory size,
> resulting in allowing use-after-free to happen.
> 
> [Backport]
> These are two clean cherry picks.
> 
> [Test]
> Compile and boot tested.
> 
> [Potential Regression]
> Expecting minimal regression potential.
> 
> Baokun Li (2):
>    ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h
>    ext4: fix use-after-free in ext4_xattr_set_entry
> 
>   fs/ext4/xattr.c |  7 ++++---
>   fs/ext4/xattr.h | 13 +++++++++++++
>   2 files changed, 17 insertions(+), 3 deletions(-)
> 

applied to oem kernels, thanks