1157717 – (CVE-2019-19037) VUL-0: CVE-2019-19037: kernel-source: kernel: null-pointer dereference in ext4_empty_dir in fs/ext4/namei.c

Bug 1157717 (CVE-2019-19037) - VUL-0: CVE-2019-19037: kernel-source: kernel: null-pointer dereference in ext4_empty_dir in fs/ext4/namei.c

Summary: VUL-0: CVE-2019-19037: kernel-source: kernel: null-pointer dereference in ext...

Status:	RESOLVED FIXED

Alias:	CVE-2019-19037

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/247695/
Whiteboard:	CVSSv2:NVD:CVE-2019-19037:4.3:(AV:N/...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2019-11-25 15:54 UTC by Wolfgang Frisch
Modified:	2024-06-25 14:07 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
[PATCH] ext4: Fix ext4_empty_dir for directories with holes (3.35 KB, patch) 2019-11-27 13:14 UTC, Jan Kara	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Wolfgang Frisch 2019-11-25 15:54:57 UTC

CVE-2019-19037

A vulnerability was found in ext4_empty_dir in fs/ext4/namei.c in the Linux kernel allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.

Reference:
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19037

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1775182
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19037
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19037.html
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19037

Comment 2 Jan Kara 2019-11-27 13:14:42 UTC

Created attachment 825053 [details]
[PATCH] ext4: Fix ext4_empty_dir for directories with holes

This is the patch I've just submitted upstream.

Comment 3 Jan Kara 2019-11-27 13:16:11 UTC

The problem has been introduced by commit 4e19d6b65fb4 ("ext4: allow directory holes") which was merged into 5.3 so we need to fix only SLE15-SP2.

Comment 4 Jan Kara 2019-12-23 16:18:02 UTC

My fixes have been merged upstream as:

64d4ce892383 "ext4: fix ext4_empty_dir() for directories with holes"
109ba779d6cc "ext4: check for directory entries too close to block end"

I've pushed the fixes to SLE15-SP2 branch. Reassigning to security team for further handling.

Comment 5 Alexandros Toptsoglou 2020-04-29 13:41:29 UTC

Closing