FEDORA-2020-01ed02451f created by lczerner 7 months ago for Fedora 30
stable

Fix a potential out of bounds write when checking a maliciously corrupted file system. This is probably not exploitable on 64-bit platforms, but may be exploitable on 32-bit binaries depending on how the compiler lays out the stack variables. (Addresses CVE-2019-5188)

A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck. (Addresses CVE-2019-5094)

Fix potential use after free in calculate_tree()

How to install

sudo dnf upgrade --advisory=FEDORA-2020-01ed02451f

This update has been submitted for testing by lczerner.

7 months ago

This update's test gating status has been changed to 'waiting'.

7 months ago

This update's test gating status has been changed to 'ignored'.

7 months ago

This update has been pushed to testing.

7 months ago

This update can be pushed to stable now if the maintainer wishes

6 months ago

This update has been submitted for stable by bodhi.

6 months ago

This update has been pushed to stable.

6 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
7 months ago
in testing
7 months ago
in stable
6 months ago
BZ#1792192 CVE-2019-5094 e2fsprogs: crafted ext4 partition leads to out-of-bounds write [fedora-all]
0
0
BZ#1792193 CVE-2019-5188 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c [fedora-all]
0
0

Automated Test Results