group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1972281] Re: ext4: limit length to bitmap_maxbytes

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1972281@xxxxxxxxxxxxxxxxxx>
Date: Mon, 23 May 2022 12:39:18 -0000
Reply-to: Bug 1972281 <1972281@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

This bug was fixed in the package linux - 4.15.0-180.189

---------------
linux (4.15.0-180.189) bionic; urgency=medium

  * bionic/linux: 4.15.0-180.189 -proposed tracker (LP: #1974013)

  * CVE-2022-29581
    - net/sched: cls_u32: fix netns refcount changes in u32_change()

  * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP
    option (LP: #1972740)
    - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE

  * ext4: limit length to bitmap_maxbytes (LP: #1972281)
    - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole

 -- Kleber Sacilotto de Souza <kleber.souza@xxxxxxxxxxxxx>  Wed, 18 May
2022 15:56:44 +0200

** Changed in: linux (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29581

** Changed in: linux (Ubuntu Focal)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1116

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1972281

Title:
  ext4: limit length to bitmap_maxbytes

Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Trusty:
  In Progress
Status in linux source package in Xenial:
  In Progress
Status in linux source package in Bionic:
  Fix Released
Status in linux source package in Focal:
  Fix Released
Status in linux source package in Impish:
  Fix Released
Status in linux source package in Jammy:
  Fix Released

Bug description:
  [Impact]
  Abusing ext4_fallocate() (as a normal user) triggers a BUG()/kernel panic.

  
  [Fix]
  Apply this upstream fix:

  commit 2da376228a2427501feb9d15815a45dbdbdd753e
  Author: Tadeusz Struk <tadeusz.struk@xxxxxxxxxx>
  Date:   Thu Mar 31 13:05:15 2022 -0700

  ext4: limit length to bitmap_maxbytes - blocksize in punch_hole

  
  [Test]
  The reporter has provided a working reproducer.

  
  [Where problems could occur]
  Upstream fix already slated for @stable inclusion.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1972281/+subscriptions