Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp1231065ybg; Thu, 11 Jun 2020 04:36:31 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwyeZNxaMb7Py+TjZLOHkc6U3fVlKddV6Y2kxaQ840eeEK//paUXSV8dnhcfivABLtESbK8 X-Received: by 2002:a17:907:94c4:: with SMTP id dn4mr7679494ejc.150.1591875391303; Thu, 11 Jun 2020 04:36:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591875391; cv=none; d=google.com; s=arc-20160816; b=ghkUSpt5C/Zp+MI9J0Wz+rNAu/2B6+2FOWljklTan7qa11hT9q9RvI3CcAK/3BEHpG +GO9i4GTrtFQrBs+K37E0eCJrxFX7x9v0rO4t5rT10tuCn9C/+EGsDd4qUPHGCg5DBvn WpgF8LBNWaPk0wmI20WpKv0Sk5llj/NWyIXtilRgqmrXRvFC/KWOu0ZBvP0KPZ94qOEH 5ynV3Zl5L1ZoLr9LRCk4QlRldq2nYAPMeo6yvArgzQqHCj+bvD2N+oIDxN025ecMHzKb 2ZF4Jm7DPKXcZe8mr+caaMIu8Nyd7nPLLpmnA4A75spDwCJqM+mKc+Lf5TLsREkqOZno os/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=1sz3iOZd7A9NQgrqPlshY3sT8MjMsPj8u7c/pCUjeWk=; b=MdNfLohOUp8Fj4r8BU59ZsYjiNZyCmY4XtgVYZ61DVf64HwnRgTduwpDoO6p2ru3oQ xGhV72+4HZJE87+1OcYYXRGrejrC3f9fTWukDPbwuXwUDWzm0+Uqdg0OeQZrAvY3QZMP s1mi4XpLgG/ft3Ah4+GQhhwGZ6F8jN92M3S25lHoCYt/FHGX4ZO8EPTQBtkmXYupKEOC E8Siv8o7XFXffWvNKIl8AvxCitZ6FAvyCP0DOY7JJatN3uxb5vCl8I7YgL1P7jlp/8GL 1B8Qj0Kv9WHvUtv+S56J/wewlomAFkoc3mzxIqKubabsKxwWGUigKzXUOTiBqcKb1p/R qClg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=dCcT0jSP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l2si1579424edf.333.2020.06.11.04.36.08; Thu, 11 Jun 2020 04:36:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=dCcT0jSP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727984AbgFKLUh (ORCPT + 99 others); Thu, 11 Jun 2020 07:20:37 -0400 Received: from mail.kernel.org ([198.145.29.99]:45256 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727942AbgFKLUf (ORCPT ); Thu, 11 Jun 2020 07:20:35 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 2BF622078D; Thu, 11 Jun 2020 11:20:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1591874433; bh=0+sxtBect72jPqO+rq641H6d/+ec4oVrijKYw9rAwo0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=dCcT0jSPypweAOdofLdfgp2pOpmONzVnSW9dyk2kGe1bYIp7OWl4/97f6iD4a2Cql B1T5zVmzFd7/toMVNoMgVCll0xC4ubCB/z8JdeTauCsDa9YSbfaV6OI1qtuWtqM51N GgP57QNq8vl3kaebrObZaGsXGqN8Un/7ssRmkiWY= Date: Thu, 11 Jun 2020 13:20:27 +0200 From: Greg KH To: Vikash Bansal Cc: stable@vger.kernel.org, srivatsab@vmware.com, srivatsa@csail.mit.edu, amakhalov@vmware.com, srinidhir@vmware.com, anishs@vmware.com, vsirnapalli@vmware.com, akaher@vmware.com, clm@fb.com, josef@toxicpanda.com, dsterba@suse.com, anand.jain@oracle.com, linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v4.19.y 0/2] btrfs: Fix for CVE-2019-18885 Message-ID: <20200611112027.GJ3802953@kroah.com> References: <20200609065018.26378-1-bvikas@vmware.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200609065018.26378-1-bvikas@vmware.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 09, 2020 at 12:20:16PM +0530, Vikash Bansal wrote: > CVE Description: > NVD Site Link: https://nvd.nist.gov/vuln/detail?vulnId=CVE-2019-18885 > > It was discovered that the btrfs file system in the Linux kernel did not > properly validate metadata, leading to a NULL pointer dereference. An > attacker could use this to specially craft a file system image that, when > mounted, could cause a denial of service (system crash). > > [PATCH v4.19.y 1/2]: > Backporting of upsream commit 09ba3bc9dd15: > btrfs: merge btrfs_find_device and find_device > > [PATCH v4.19.y 2/2]: > Backporting of upstream commit 62fdaa52a3d0: > btrfs: Detect unbalanced tree with empty leaf before crashing > > On NVD site link of "commit 09ba3bc9dd150457c506e4661380a6183af651c1" > was given as the fix for this CVE. But the issue was still reproducible. > So had to apply patch "Commit 62fdaa52a3d00a875da771719b6dc537ca79fce1" > to fix the issue. Looks good, now queued up,t hanks. greg k-h