kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #111795
[Bug 1435441] Re: btrfs: invalid size on resize ioctl is ignored and not flagged up as an error (trusty)
This bug was fixed in the package linux - 3.13.0-49.81
---------------
linux (3.13.0-49.81) trusty; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1436016
[ Alex Hung ]
* SAUCE: ACPI / blacklist: blacklist Win8 OSI for HP Pavilion dv6
- LP: #1416940
[ Andy Whitcroft ]
* [Packaging] generate live watchdog blacklists
- LP: #1432837
[ Ben Widawsky ]
* SAUCE: i915_bdw: drm/i915/bdw: enable eDRAM.
- LP: #1430855
[ Chris J Arges ]
* [Config] Add ibmvfc to d-i
- LP: #1416001
[ Seth Forshee ]
* [Config] updateconfigs - enable X86_UP_APIC_MSI
[ Upstream Kernel Changes ]
* net: add sysfs helpers for netdev_adjacent logic
- LP: #1410852
* net: Mark functions as static in core/dev.c
- LP: #1410852
* net: rename sysfs symlinks on device name change
- LP: #1410852
* btrfs: fix null pointer dereference in clone_fs_devices when name is
null
- LP: #1429804
* cdc-acm: add sanity checks
- LP: #1413992
* x86: thinkpad_acpi.c: fixed spacing coding style issue
- LP: #1417915
* thinkpad_acpi: support new BIOS version string pattern
- LP: #1417915
* net: sctp: fix slab corruption from use after free on INIT collisions
- LP: #1416506
- CVE-2015-1421
* ipv4: try to cache dst_entries which would cause a redirect
- LP: #1420027
- CVE-2015-1465
* x86, mm/ASLR: Fix stack randomization on 64-bit systems
- LP: #1423757
- CVE-2015-1593
* net: llc: use correct size for sysctl timeout entries
- LP: #1425271
- CVE-2015-2041
* net: rds: use correct size for max unacked packets and bytes
- LP: #1425274
- CVE-2015-2042
* Btrfs: clear compress-force when remounting with compress option
- LP: #1434183
* ext4: merge uninitialized extents
- LP: #1430184
* btrfs: filter invalid arg for btrfs resize
- LP: #1435441
* Bluetooth: Add firmware update for Atheros 0cf3:311f
* Bluetooth: btusb: Add IMC Networks (Broadcom based)
* Bluetooth: sort the list of IDs in the source code
* Bluetooth: append new supported device to the list [0b05:17d0]
* Bluetooth: Add support for Intel bootloader devices
* Bluetooth: Ignore isochronous endpoints for Intel USB bootloader
* Bluetooth: Add support for Acer [13D3:3432]
* Bluetooth: Add support for Broadcom device of Asus Z97-DELUXE
motherboard
* Add a new PID/VID 0227/0930 for AR3012.
* Bluetooth: Add support for Acer [0489:e078]
* Bluetooth: Add USB device 04ca:3010 as Atheros AR3012
* x86: mm: move mmap_sem unlock from mm_fault_error() to caller
* vm: add VM_FAULT_SIGSEGV handling support
* vm: make stack guard page errors return VM_FAULT_SIGSEGV rather than
SIGBUS
* spi/pxa2xx: Clear cur_chip pointer before starting next message
* spi: dw: Fix detecting FIFO depth
* spi: dw-mid: fix FIFO size
* ASoC: wm8960: Fix capture sample rate from 11250 to 11025
* regulator: core: fix race condition in regulator_put()
* ASoC: omap-mcbsp: Correct CBM_CFS dai format configuration
* can: c_can: end pending transmission on network stop (ifdown)
* nfs: fix dio deadlock when O_DIRECT flag is flipped
* NFSv4.1: Fix an Oops in nfs41_walk_client_list
* Input: i8042 - add noloop quirk for Medion Akoya E7225 (MD98857)
* mac80211: properly set CCK flag in radiotap
* nl80211: fix per-station group key get/del and memory leak
* i2c: s3c2410: fix ABBA deadlock by keeping clock prepared
* usb-storage/SCSI: blacklist FUA on JMicron 152d:2566 USB-SATA
controller
* drm/i915: Only fence tiled region of object.
* drm/i915: Fix and clean BDW PCH identification
* drm/i915: BDW Fix Halo PCI IDs marked as ULT.
* ALSA: seq-dummy: remove deadlock-causing events on close
* drivers/rtc/rtc-s5m.c: terminate s5m_rtc_id array with empty element
* drivers: net: cpsw: discard dual emac default vlan configuration
* can: kvaser_usb: Do not sleep in atomic context
* can: kvaser_usb: Send correct context to URB completion
* can: kvaser_usb: Retry the first bulk transfer on -ETIMEDOUT
* can: kvaser_usb: Fix state handling upon BUS_ERROR events
* quota: Switch ->get_dqblk() and ->set_dqblk() to use bytes as space
units
* rbd: fix rbd_dev_parent_get() when parent_overlap == 0
* rbd: drop parent_ref in rbd_dev_unprobe() unconditionally
* dm cache: fix missing ERR_PTR returns and handling
* dm thin: don't allow messages to be sent to a pool target in READ_ONLY
or FAIL mode
* net: cls_bpf: fix size mismatch on filter preparation
* net: cls_bpf: fix auto generation of per list handles
* ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos
too
* perf: Tighten (and fix) the grouping condition
* arc: mm: Fix build failure
* MIPS: IRQ: Fix disable_irq on CPU IRQs
* Complete oplock break jobs before closing file handle
* smpboot: Add missing get_online_cpus() in
smpboot_register_percpu_thread()
* ASoC: atmel_ssc_dai: fix start event for I2S mode
* spi: fsl-dspi: Fix memory leak
* spi: spi-fsl-dspi: Remove usage of devm_kzalloc
* ALSA: ak411x: Fix stall in work callback
* lib/checksum.c: fix carry in csum_tcpudp_nofold
* MIPS: Fix kernel lockup or crash after CPU offline/online
* gpio: sysfs: fix memory leak in gpiod_export_link
* gpio: sysfs: fix memory leak in gpiod_sysfs_set_active_low
* PCI: Add NEC variants to Stratus ftServer PCIe DMI check
* ASoC: sgtl5000: add delay before first I2C access
* PCI: Handle read-only BARs on AMD CS553x devices
* mm: pagewalk: call pte_hole() for VM_PFNMAP during walk_page_range
* nilfs2: fix deadlock of segment constructor over I_SYNC flag
* tcp: ipv4: initialize unicast_sock sk_pacing_rate
* caif: remove wrong dev_net_set() call
* qlge: Fix qlge_update_hw_vlan_features to handle if interface is down
* ip6_gre: fix endianness errors in ip6gre_err
* spi: dw: revisit FIFO size detection again
* Linux 3.13.11-ckt17
-- Kamal Mostafa <kamal@xxxxxxxxxxxxx> Tue, 24 Mar 2015 11:58:44 -0700
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1421
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1465
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1593
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2041
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2042
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1435441
Title:
btrfs: invalid size on resize ioctl is ignored and not flagged up as
an error (trusty)
Status in linux package in Ubuntu:
Fix Released
Bug description:
SRU Justification: (Trusty)
[Impact]
Illegal and/or incorrect btrfs resize parameters can be passed to the btrfs_ioctl_resize handler and it is not picked up as an error.
[Fix]
upstream commit 9a40f1222a372de77344d85d31f8fe0e1c0e60e7
"btrfs: filter invalid arg for btrfs resize"
this is a simple parsing check, risk is low to zero.
[Testcase]
# btrfs fi resize -10A <mnt>
# btrfs fi resize -10Gaha <mnt>
These should fail with -EINVAL. Without the fix, they don't. With the
fix they do.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1435441/+subscriptions
References