Bugzilla – Bug 899480
VUL-0: CVE-2014-7283: kernel: xfs: memory corruption by creating directories
Last modified: 2021-04-19 11:36:33 UTC
From: Hannes Frederic Sowa <email@example.com>
Date: Thu, 02 Oct 2014 00:05:45 +0200
Subject: [oss-security] xfs directory hash ordering bug
Another kernel bug which did not get a CVE yet, but should be considered
to get one (sorry for the late notification):
Basically it allows a local user to corrupt a xfs filesystem by just
creating directories. Depending on whether it is the root filesystem or
not the kernel panics or just oopses and forcefully disconnects the
The commit states that xfs_repair repairs the filesystem but IIRC
further access to that directory would still cause the kernel to either
oops or panic. So xfs_repair could not correctly fix the filesystem in
all situations. But I am not sure anymore and didn't follow up on this
(I had a relocation coming up).
My initial report here:
3.10+ issue so not TD branch is affected.
SLE12, openSUSE 13.1, 13.2, Factory affected.
Actually, SLE12 has the fix: the respective stable commit id fd4037cadecf7b5c0e288c19d958917ac1c62a83 went in in 3.12.18 stable AFAICT.
bugbot adjusting priority
The fix went into 3.15-rc1, so openSUSE 13.2 and Factory are fine. openSUSE 13.1 is indeed missing the fix.
Pushed to openSUSE 13.1 kernel branch. All is done so moving the bug back to security-team.
no need to continue tracking for opensuse, will be in next update