References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

ext4: verify orphan file size is not too big

In principle orphan file can be arbitrarily large. However orphan replay
needs to traverse it all and we also pin all its buffers in memory. Thus
filesystems with absurdly large orphan files can lead to big amounts of
memory consumed. Limit orphan file size to a sane value and also use
kvmalloc() for allocating array of block descriptor structures to avoid
large order allocations for sane but large orphan files.

https://git.kernel.org/stable/c/0a6ce20c156442a4ce2a404747bb0fb05d54eeb3

https://git.kernel.org/stable/c/2b9da798ff0f4d026c5f0f815047393ebe7d8859

https://git.kernel.org/stable/c/304fc34ff6fc8261138fd81f119e024ac3a129e9

https://git.kernel.org/stable/c/566a1d6084563bd07433025aa23bcea4427de107

https://git.kernel.org/stable/c/95a21611b14ae0a401720645245a8db16f040995

https://git.kernel.org/stable/c/a2d803fab8a6c6a874277cb80156dc114db91921