A flaw was found in the ext4 subsystem. This vulnerability is a use after free vulnerability was found in __ext4_journal_stop() introduced by commit 9705acd63b125dee8b15c705216d7186daea4625. Attackers could abuse this to allow any code which attempts to deal with the journal failure, to be mishandled or not a failure at all. This could lead to data corruption or crashes. Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6934da9238da947628be83635e365df41064b09b Reference: https://source.android.com/security/bulletin/2016-11-01.html#eop-in-kernel-file-system
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG 2.x. This issue has been rated as having moderate security impact.