References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

In the Linux kernel, the following vulnerability has been resolved:

afs: Fix dynamic root getattr

The recent patch to make afs_getattr consult the server didn't account
for the pseudo-inodes employed by the dynamic root-type afs superblock
not having a volume or a server to access, and thus an oops occurs if
such a directory is stat'd.

Fix this by checking to see if the vnode->volume pointer actually points
anywhere before following it in afs_getattr().

This can be tested by stat'ing a direc

https://git.kernel.org/stable/c/2b2bba96526f25f2eba74ecadb031de2e05a83ce

https://git.kernel.org/stable/c/65c24caf1b9f5b08397c6e805ec24ebc390c6e4d

https://git.kernel.org/stable/c/7844ceada44eca740d31beb3d97b8511b1ca0a9b

https://git.kernel.org/stable/c/7b564e3254b7db5fbfbf11a824627a6c31b932b4

https://git.kernel.org/stable/c/cb78d1b5efffe4cf97e16766329dd7358aed3deb

https://git.kernel.org/stable/c/e3a232e5767051483ffad4cef7d0a89d292a192b