From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:57799 "EHLO
        out1-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1726611AbeLRQWT (ORCPT
        <rfc822;stable@vger.kernel.org>); Tue, 18 Dec 2018 11:22:19 -0500
Date: Tue, 18 Dec 2018 17:22:15 +0100
From: Greg KH <greg@kroah.com>
To: Loic <hackurx@opensec.fr>
Cc: stable@vger.kernel.org, heyunlei@huawei.com, jaegeuk@kernel.org
Subject: Re: [PATCH] f2fs: fix a panic caused by NULL flush_cmd_control
Message-ID: <20181218162215.GA8760@kroah.com>
References: <20181215182154.a8d9e1dad259dee57d12b7d2@opensec.fr>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20181215182154.a8d9e1dad259dee57d12b7d2@opensec.fr>
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>

On Sat, Dec 15, 2018 at 06:21:54PM +0100, Loic wrote:
> Hello,
> 
> Please picked up this patch for linux 4.4. 
> This fixes CVE-2017-18241. This has been fixed in linux 4.9.144.
> 
> Thank.
> 
> [ Upstream commit d4fdf8ba0e5808ba9ad6b44337783bd9935e0982 ]
> 
> From: Yunlei He <heyunlei@huawei.com>
> Date: Thu, 1 Jun 2017 16:43:51 +0800
> Subject: [PATCH] f2fs: fix a panic caused by NULL flush_cmd_control
> 
> Mount fs with option noflush_merge, boot failed for illegal address
> fcc in function f2fs_issue_flush:
> 
>         if (!test_opt(sbi, FLUSH_MERGE)) {
>                 ret = submit_flush_wait(sbi);
>                 atomic_inc(&fcc->issued_flush);   ->  Here, fcc illegal
>                 return ret;
>         }
> 
> Signed-off-by: Yunlei He <heyunlei@huawei.com>
> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
> [bwh: Backported to 4.9: adjust context]
> ---
>  fs/f2fs/segment.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)

Now queued up, thanks.

greg k-h