1549421 – (CVE-2017-18193) CVE-2017-18193 kernel: Mishandled extent trees in fs/f2fs/extent_cache.c can allow a local user to cause a denial of service

Bug 1549421 (CVE-2017-18193) - CVE-2017-18193 kernel: Mishandled extent trees in fs/f2fs/extent_cache.c can allow a local user to cause a denial of service

Summary: CVE-2017-18193 kernel: Mishandled extent trees in fs/f2fs/extent_cache.c can ...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2017-18193
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1550994
Blocks:	Embargoed1549422
TreeView+	depends on / blocked

Reported:	2018-02-27 04:18 UTC by Sam Fowler
Modified:	2021-06-10 14:53 UTC (History)
CC List:	27 users (show)
Fixed In Version:	kernel 4.13
Doc Type:	If docs needed, set a value
Doc Text:	fs/f2fs/extent_cache.c in the Linux kernel, before 4.13, mishandles extent trees. This allows local users to cause a denial of service via an application with multiple threads.
Clone Of:
Environment:
Last Closed:	2018-03-02 14:03:32 UTC

Attachments	(Terms of Use)

Description Sam Fowler 2018-02-27 04:18:56 UTC

fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service via an application with multiple threads.

An upstream patch:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dad48e73127ba10279ea33e6dbc8d3905c4d31c0

Comment 2 Vladis Dronov 2018-03-02 14:00:03 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1550994]

Comment 4 Vladis Dronov 2018-03-02 14:03:32 UTC

Statement:

This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE, as the code with the flaw is not built and shipped in the products listed.

Comment 5 Justin M. Forbes 2018-03-02 21:19:23 UTC

This issue was fixed for Fedora with the 4.13 kernel rebases.

Note You need to log in before you can comment on or make changes to this bug.

aquini
bhu
blc
dhoward
esammons
fhrbata
hkrzesin
hwkernel-mgr
iboverma
jforbes
jkacur
jross
kernel-mgr
lgoncalv
lwang
matt
mcressma
mguzik
mlangsdo
nmurray
plougher
rt-maint
rvrbovsk
skozina
vdronov
williams
yozone