Adrian Bunk wrote:
While going through patches for 2.6.16.x, I stumbled over the following
regarding the "NFS export of ext2/ext3" security vulnerabilities (the
ext3 one is CVE-2006-3468, I don't whether there's a number for the
ext2 one):
There are three patches available:
have-ext2-reject-file-handles-with-bad-inode-numbers-early.patch
have-ext3-reject-file-handles-with-bad-inode-numbers-early.patch
ext3-avoid-triggering-ext3_error-on-bad-nfs-file-handle.patch
The first two patches are except for a s/ext2/ext3/ identical.
The two ext3 patches fix the same issue in slightly different ways.
It seems there was already some agreement that the first of the two ext3
patches should be preferred due to being more the same as the ext2 patch
(see [1] and followups).
But the only patch that is applied in 2.6.18-rc4 (and in 2.6.17.9) is
the ext3 patch that is _not_ identical to the ext2 one.
Is it the correct solution to revert this ext3 patch in both 2.6.18-rc
and 2.6.17 and to apply the other two patches?
cu
Adrian
BTW: I've attached all three patches.
[1] http://lkml.org/lkml/2006/8/4/192
IMO the first two should be used; i.e. those that add ext[23]_get_dentry().
-Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
