projects / openwrt / staging / stintel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1285938) | patch
e2fsprogs: Fix CVE-2022-1304
authorHauke Mehrtens <hauke@hauke-m.de>
Mon, 5 Dec 2022 23:17:35 +0000 (00:17 +0100)
committerHauke Mehrtens <hauke@hauke-m.de>
Tue, 6 Dec 2022 22:29:14 +0000 (23:29 +0100)
commit1a0f2c3a3ecb19f65bdc269818ed373958d032e6
treefffc78017f08f0ae0149cf138f000a9384a103ddtree | snapshot
parent1285938d2c09034143508485dbd223fbb06341ebcommit | diff
e2fsprogs: Fix CVE-2022-1304

This fixes CVE-2022-1304:
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5.
This issue leads to a segmentation fault and possibly arbitrary code
execution via a specially crafted filesystem.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 60e335b76ea0aeedd9f8e01d247f9aaa617076da)
package/utils/e2fsprogs/Makefile diff | blob | history
package/utils/e2fsprogs/patches/004-CVE-2022-1304-libext2fs-add-sanity-check-to-extent-manipulation.patch [new file with mode: 0644] blob
tools/e2fsprogs/Makefile diff | blob | history
tools/e2fsprogs/patches/004-CVE-2022-1304-libext2fs-add-sanity-check-to-extent-manipulation.patch [new file with mode: 0644] blob
Staging tree of Stijn Tintel