[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Backporting a security fix for e2fsprogs to Stable

Hi, I just released e2fsprogs v1.45.4 (upstream and for Debian
unstable) which among other things, contains a fix[1] for
CVE-2019-5094 / TALOS-2019-0887.  I imagine Talos will be doing a full
disclosure with a proof-of-concept exploit within the next few days.

[1] https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=maint&id=8dbe7b475ec5e91ed767239f0e85880f416fc384

The impact of this bug is that if an attacker can tricker the system
into running e2fsck on an untrustworthy file system as root, a
maliciously crafted file system could result in a buffer overflow that
can result in arbitrary userspace memory modification.  Hence,
weaponizing this vulnerability so allowing the attacker to run code as
whatever user ran e2fsck should be fairly simple.

What's the procedure with respect to getting this backported to the
vesion of e2fsprogs in Debian Stable?  Will you do it, or should I do
the backport?  I'm happy to create the backport, but then what's the
best way of getting this into Stable as efficiently as possible?


						- Ted

Reply to: