References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

Squashfs: check metadata block offset is within range

Syzkaller reports a "general protection fault in squashfs_copy_data"

This is ultimately caused by a corrupted index look-up table, which
produces a negative metadata block offset.

This is subsequently passed to squashfs_copy_data (via
squashfs_read_metadata) where the negative offset causes an out of bounds
access.

The fix is to check that the offset is within range in
squashfs_read_metadata.  This will trap this and other cases.

https://git.kernel.org/stable/c/01ee0bcc29864b78249308e8b35042b09bbf5fe3

https://git.kernel.org/stable/c/0c8ab092aec3ac4294940054772d30b511b16713

https://git.kernel.org/stable/c/3b9499e7d677dd4366239a292238489a804936b2

https://git.kernel.org/stable/c/6b847d65f5b0065e02080c61fad93d57d6686383

https://git.kernel.org/stable/c/9e9fa5ad37c9cbad73c165c7ff1e76e650825e7c

https://git.kernel.org/stable/c/fdb24a820a5832ec4532273282cbd4f22c291a0d