It was reported that there are some exit points in ext4_fill_super which result in destruction of workqueue which is not yet initialized, leading to kernel NULL pointer dereference. Oops report can be found in product bug: https://bugzilla.redhat.com/show_bug.cgi?id=1266862 CVE request: http://seclists.org/oss-sec/2015/q4/357 CVE assignment: http://seclists.org/oss-sec/2015/q4/360 Upstream fix (only part of the commit is related): http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11
Statement: This problem did not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 7 and MRG-2.
Acknowledgements: Red Hat would like to thank Dmitriy Monakhov of OpenVZ project for reporting this issue.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0855 https://rhn.redhat.com/errata/RHSA-2016-0855.html