** Description changed: - A flaw was found in the way splitting two extents in - ext4_ext_convert_to_initialized() worked. Althrough ex has been updated - in memory, it is not dirtied both in ext4_ext_convert_to_initialized() - and ext4_ext_insert_extent(). The disk layout is corrupted. Then it will - meet with a BUG_ON() when writting at the start of that extent - again.Local unprivileged users can use this flaw to crash the system - when ext4 filesystem is in use. + fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a + modified extent as dirty in certain cases of extent splitting, which + allows local users to cause a denial of service (system crash) via + vectors involving ext4 umount and mount operations. Break-Fix: 56055d3ae4cc7fa6d2b10885f20269de8a989ed7 667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/887291 Title: CVE-2011-3638 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/887291/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
