A flaw was found in the way Linux kernel's XFS filesystem
implementation handled links with pathname larger than
MAXPATHLEN. When CONFIG_XFS_DEBUG configuration option was not
enabled when compiling Linux kernel, an attacker able to mount
malicious XFS image could use this flaw to crash the system,
or potentially, elevate his privileges on that system.
The fix for this issue has hit precise via upstream. Following this email
are 4 patches. The first for hardy; the second for lucid, lucid/fsl-imx51,
maverick, and maverick/ti-omap4; the third for natty and natty/ti-omap3;
and the last for oneiric. All of these are trivial backports from
the upstream commit differing only in how the errors are reported and
Proposing for hardy, lucid, lucid/fsl-imx51, maverick, maverick/ti-omap4,
natty, natty/ti-omap3, and oneiric.
Tim Gardner email@example.com
kernel-team mailing list