stuartl/linux-stable
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux-stable.git synced 2025-09-25 16:49:33 +10:00
Code Issues Releases Wiki Activity
v5.10.244
linux-stable/fs
History
Roman Smirnov 64ddb14fd0 cifs: fix integer overflow in match_server() 
[ Upstream commit 2510859475 ]

The echo_interval is not limited in any way during mounting,
which makes it possible to write a large number to it. This can
cause an overflow when multiplying ctx->echo_interval by HZ in
match_server().

Add constraints for echo_interval to smb3_fs_context_parse_param().

Found by Linux Verification Center (linuxtesting.org) with Svace.

Fixes: adfeb3e00e ("cifs: Make echo interval tunable")
Cc: stable@vger.kernel.org
Signed-off-by: Roman Smirnov <r.smirnov@omp.ru>
Signed-off-by: Steve French <stfrench@microsoft.com>
[ Adapted to older CIFS filesystem structure and mount option parsing ]
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-09-09 18:45:25 +02:00
..
9p
adfs
affs affs: don't write overlarge OFS data block size fields 2025-04-10 14:31:00 +02:00
afs afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call 2025-03-13 12:46:44 +01:00
autofs
befs
bfs
btrfs btrfs: populate otime when logging an inode item 2025-08-28 16:22:56 +02:00
cachefiles
ceph ceph: fix possible integer overflow in ceph_zero_objects() 2025-07-17 18:27:38 +02:00
cifs cifs: fix integer overflow in match_server() 2025-09-09 18:45:25 +02:00
coda
configfs configfs: Do not override creating attribute file failure in populate_attrs() 2025-06-27 11:04:11 +01:00
cramfs
crypto
debugfs
devpts
dlm
ecryptfs
efivarfs efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare 2025-09-04 14:41:43 +02:00
efs
erofs erofs: fix incorrect symlink detection in fast symlink 2025-01-09 13:24:51 +01:00
exfat exfat: fix double free in delayed_free 2025-06-27 11:04:16 +01:00
exportfs exportfs: use pr_debug for unreachable debug statements 2024-06-21 14:54:05 +02:00
ext2 ext2: Verify bitmap and itable block numbers before using them 2024-08-19 05:40:56 +02:00
ext4 ext4: fix hole length calculation overflow in non-extent inodes 2025-08-28 16:22:56 +02:00
f2fs f2fs: fix to avoid out-of-boundary access in dnode page 2025-08-28 16:22:57 +02:00
fat fat: fix uninitialized variable 2024-10-22 15:39:24 +02:00
freevxfs
fscache
fuse virtiofs: add filesystem context source name check 2025-05-02 07:41:02 +02:00
gfs2 gfs2: move msleep to sleepable context 2025-06-27 11:04:11 +01:00
hfs hfs: fix not erasing deleted b-tree node issue 2025-08-28 16:22:39 +02:00
hfsplus hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() 2025-08-28 16:22:39 +02:00
hostfs
hpfs
hugetlbfs mm: update memfd seal write check to include F_SEAL_WRITE 2025-08-28 16:22:55 +02:00
iomap iomap: update ki_pos a little later in iomap_dio_complete 2024-11-08 16:21:58 +01:00
isofs isofs: Verify inode mode when loading from disk 2025-08-28 16:22:27 +02:00
jbd2 jbd2: prevent softlockup in jbd2_log_do_checkpoint() 2025-08-28 16:22:50 +02:00
jffs2 jffs2: check jffs2_prealloc_raw_node_refs() result in few other places 2025-06-27 11:04:20 +01:00
jfs jfs: upper bound check of tree index in dbAllocAG 2025-08-28 16:22:45 +02:00
kernfs
lockd nfsd: stop setting ->pg_stats for unused stats 2024-09-12 11:06:45 +02:00
minix
nfs NFS: Fix a race when updating an existing write 2025-09-04 14:41:42 +02:00
nfs_common
nfsd NFSD: detect mismatch of file handle and delegation stateid in OPEN op 2025-08-28 16:22:38 +02:00
nilfs2 nilfs2: reject invalid file types when reading inodes 2025-08-28 16:22:30 +02:00
nls
notify fsnotify: fix sending inotify event with unexpected filename 2024-12-14 19:48:08 +01:00
ntfs
ocfs2 ocfs2: stop quota recovery before disabling quotas 2025-06-04 14:36:55 +02:00
omfs
openpromfs
orangefs fs/orangefs: use snprintf() instead of sprintf() 2025-08-28 16:22:44 +02:00
overlayfs ovl: Check for NULL d_inode() in ovl_dentry_upper() 2025-07-17 18:27:38 +02:00
proc fs/proc: do_task_stat: use __for_each_thread() 2025-07-17 18:27:54 +02:00
pstore
qnx4
qnx6
quota quota: flush quota_release_work upon quota writeback 2024-12-14 19:48:16 +01:00
ramfs
reiserfs
romfs
squashfs squashfs: fix memory leak in squashfs_fill_super 2025-08-28 16:22:51 +02:00
sysfs
sysv
tracefs
ubifs ubifs: skip dumping tnc tree when zroot is null 2025-03-13 12:46:57 +01:00
udf udf: Verify partition map count 2025-08-28 16:22:39 +02:00
ufs
unicode Revert "unicode: Don't special case ignorable code points" 2024-12-14 19:48:33 +01:00
vboxsf vboxsf: fix building with GCC 15 2025-04-10 14:30:49 +02:00
verity
xfs xfs: do not propagate ENODATA disk errors into xattr code 2025-09-04 14:41:46 +02:00
zonefs
aio.c
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf_fdpic.c binfmt_misc: pass binfmt_misc flags to the interpreter 2024-09-04 13:17:42 +02:00
binfmt_elf.c binfmt_misc: pass binfmt_misc flags to the interpreter 2024-09-04 13:17:42 +02:00
binfmt_em86.c
binfmt_flat.c binfmt_flat: Fix integer overflow bug on 32 bit systems 2025-03-13 12:47:06 +01:00
binfmt_misc.c binfmt_misc: pass binfmt_misc flags to the interpreter 2024-09-04 13:17:42 +02:00
binfmt_script.c
block_dev.c
buffer.c fs/buffer: fix use-after-free when call bh_read() helper 2025-08-28 16:22:52 +02:00
char_dev.c
compat_binfmt_elf.c
coredump.c coredump: hand a pidfd to the usermode coredump helper 2025-06-04 14:37:09 +02:00
d_path.c
dax.c
dcache.c fs: better handle deep ancestor chains in is_subdir() 2024-07-27 10:40:21 +02:00
dcookies.c
direct-io.c
drop_caches.c
eventfd.c
eventpoll.c epoll: Add synchronous wakeup support for ep_poll_callback 2025-01-09 13:24:55 +01:00
exec.c exec: don't WARN for racy path_noexec check 2024-11-08 16:21:58 +01:00
fcntl.c fs: Fix file_set_fowner LSM hook inconsistencies 2024-10-17 15:08:03 +02:00
fhandle.c
file_table.c
file.c alloc_fdtable(): change calling conventions. 2025-08-28 16:22:59 +02:00
filesystems.c fs/filesystems: Fix potential unsigned integer underflow in fs_name() 2025-06-27 11:04:10 +01:00
fs_context.c
fs_parser.c
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
fsopen.c
init.c
inode.c vfs: fix race between evice_inodes() and find_inode()&iput() 2024-10-17 15:08:03 +02:00
internal.h
ioctl.c
Kconfig nfs: add missing selections of CONFIG_CRC32 2025-05-02 07:41:01 +02:00
Kconfig.binfmt
kernel_read_file.c
libfs.c better lockdep annotations for simple_recursive_removal() 2025-08-28 16:22:40 +02:00
locks.c filelock: Fix fcntl/close race recovery compat path 2024-07-27 10:40:24 +02:00
Makefile
mbcache.c
mount.h
mpage.c
namei.c fuse: don't truncate cached, mutated symlink 2025-04-10 14:30:50 +02:00
namespace.c use uniform permission checks for all mount propagation changes 2025-08-28 16:22:52 +02:00
no-block.c
nsfs.c
open.c openat2: explicitly return -E2BIG for (usize > PAGE_SIZE) 2024-11-08 16:22:00 +01:00
pipe.c
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c
readdir.c
remap_range.c
select.c select: Fix unbalanced user_access_end() 2025-03-13 12:46:44 +01:00
seq_file.c
signalfd.c
splice.c splice: don't generate zero-len segement bvecs 2024-11-17 14:59:37 +01:00
stack.c
stat.c
statfs.c
super.c fs: explicitly unregister per-superblock BDIs 2024-10-17 15:07:38 +02:00
sync.c
timerfd.c
userfaultfd.c
utimes.c
xattr.c