Re: [PATCH 3/4] ext2: Avoid printk floods in the face of directorycorruption

From: Andrew Morton
Date: Wed Sep 17 2008 - 15:27:00 EST


On Sat, 13 Sep 2008 11:32:50 -0400
"Theodore Ts'o" <tytso@xxxxxxx> wrote:

> From: "Theodore Ts'o" <tytso@xxxxxxx>
> To: akpm@xxxxxxxxxxxxxxxxxxxx
> Cc: linux-kernel@xxxxxxxxxxxxxxx, "Theodore Ts'o" <tytso@xxxxxxx>, Eric Sandeen <sandeen@xxxxxxxxxx>, linux-ext4@xxxxxxxxxxxxxxx, Eugene Teo <eugeneteo@xxxxxxxxx>
> Subject: [PATCH 3/4] ext2: Avoid printk floods in the face of directory corruption
> Date: Sat, 13 Sep 2008 11:32:50 -0400
> X-Mailer: git-send-email 1.5.6.1.205.ge2c7.dirty
>
> Note: some people thinks this represents a security bug, since it
> might make the system go away while it is printing a large number of
> console messages, especially if a serial console is involved. Hence,
> it has been assigned CVE-2008-3528, but it requires that the attacker
> either has physical access to your machine to insert a USB disk with a
> corrupted filesystem image (at which point why not just hit the power
> button), or is otherwise able to convince the system administrator to
> mount an arbitrary filesystem image (at which point why not just
> include a setuid shell or world-writable hard disk device file or some
> such). Me, I think they're just being silly.
>
> Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx>
> Signed-off-by: "Theodore Ts'o" <tytso@xxxxxxx>
> Cc: linux-ext4@xxxxxxxxxxxxxxx
> Cc: Eugene Teo <eugeneteo@xxxxxxxxx>

This patch was purportedly authored by yourself, but I'm going to
assume that it was authored by Eric.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/