[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PATCH] ext4: fix race between write and fcntl(F_SETFL) ping.

On Wed, Apr 01, 2015 at 10:23:37PM +0300, Dmitry Monakhov wrote:
> >> Wow.... I've just got a good present for a fools day.
> >> It is appeared that stable kernel still has this bug(CVE-2014-8086) unfixed.
> >> At least my notebook (debian/testing 3.16.5) oopsed like follows:
> >
> > 3.16 is not a stable kernel I maintain, it's long since dead.
> Ohh. I see. So this is just a unstable Debian's crap.
> > Is there a specific patch I should be applying to the 3.14 or 3.10
> > kernels that solve this problem?
> Yes original commit is a41537e69b4aa43f0fea02498c2595a81267383b
> In fact 3.14 and 3.10 already has fixes.
> 3.14 07110343605adc3f
> 3.10 30d8c8352812e924

Dmitry, if you open a bug report against the Debian kernel, I'm sure
they'll take care of applying a backport of the patch --- especially
since this is a potential security issue (CVE-2014-8086).


					- Ted

> So I have to just migrate my note to truly stable kernel :)

Ah, do what I do --- run truly bleeding edge and use the latest kernel
with the ext4 dev branch merged in.  (After I've made sure it passes a
full set of regression tests, of course!)  Nothing like file system
developers eating their own dog food.  :-)

The only downside, speaking as a Debian developer, is that I don't end
up paying that much attention to the Debian kernel.  So if there are
some other ext4 developers who are willing to help push patches into
the Debian kernel, that would be much appreciated.

Reply to: