oss-sec mailing list archives

Re: xfs directory hash ordering bug / Linux kernel

From: cve-assign () mitre org
Date: Wed, 1 Oct 2014 23:25:25 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c88547a8119e3b581318ab65e9b72f27f23e641d
http://marc.info/?l=linux-xfs&m=139590613002926&w=2
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=xfs/cmds/xfstests.git;a=commitdiff;h=947ee8bd4b59770534297572b14c695e9c6e001e

Basically it allows a local user to corrupt a xfs filesystem by just
creating directories. Depending on whether it is the root filesystem or
not the kernel panics or just oopses


Use CVE-2014-7283.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJULMUnAAoJEKllVAevmvmsiX8IALazBQ0FNLaT54gkqx8N9BSx
aR22Kja/EDenK39O6LBg2Cf98XXmvGaiGmsQZbFkcdTt5iuQG5SnUE4Y1zyP6PDC
rLiuzPTqyuAXvtn80qOigPDJWG4P/TZICckpQIix1Tiu2OFNcqJggOT6quuJ53ci
3YjSJyEv+T0AuaBxKxyFnBMyH8r/3IvEU8uNZlYK3+mxuPmGqLj2iZaDKK3XX+iy
QcokNsyOaS9UIDdf06zdWQGO3hXz+Md2D4JZ57myZQJOTFh/6FtPpn3jcgNP7i6c
RIVfFfaLh5j58VOXOeL3qrvoiw00o9IZfsKYKZl9UqTAHOxNzrJ3qrK9j/xlPgY=
=M1u6
-----END PGP SIGNATURE-----

Current thread:

xfs directory hash ordering bug Hannes Frederic Sowa (Oct 01)
- Re: xfs directory hash ordering bug / Linux kernel cve-assign (Oct 01)