Date: Sat, 12 Feb 2022 02:04:11 -0500 From: Wenqing Liu <liu@...fsu.edu> To: oss-security@...ts.openwall.com Subject: CVE-2021-44879: kernel:NULL pointer dereference in fs/f2fs/gc.c:move_data_page Description: In move_data_page in fs/f2fs/gc.c in the Linux kernel 5.15.1-5.15.16, there is an NULL pointer dereference when f2fs tries to migrate a block that belong to special file, and the file doesn't have assigned address space operations pointer array for mapping->a_ops field but called a_ops->set_dirty_page(). Could cause denial of service when mounting and operate on the crafted image. References: https://bugzilla.kernel.org/show_bug.cgi?id=215231 https://firstname.lastname@example.org/T/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.