Bug 411501

Summary:	app-emulation/qemu-kvm : "ext4_fill_flex_info()" Denial of Service Vulnerability
Product:	Gentoo Security	Reporter:	Agostino Sarubbo <ago>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	minor	CC:	qemu+disabled
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://secunia.com/advisories/48645/
Whiteboard:
Package list:		Runtime testing required:	---

Description Agostino Sarubbo gentoo-dev

2012-04-10 18:32:20 UTC

From secunia security advisory at $URL:


Description
A vulnerability has been reported in KVM qemu-kvm, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "ext4_fill_flex_info()" function in fs/ext4/super.c when mounting a file system and can be exploited to cause a division by zero.

NOTE: This is caused due to an incomplete fix for vulnerability #2 in:
https://secunia.com/advisories/37658/


Solution:
Fixed in the GIT repository.http://git.kernel.org/?p=virt/kvm/kvm.git;a=commit;h=d50f2ab6f050311dbf7b8f5501b25f0bf64a439b

Comment 1 Doug Goldstein (RETIRED) gentoo-dev

2012-04-10 18:40:31 UTC

This is a kernel bug in the ext4 filesystem kernel module. The patch you referenced is from the KVM repo that is branched off of Linus' tree.

Comment 2 Agostino Sarubbo gentoo-dev

2012-04-10 18:51:42 UTC

(In reply to comment #1)
> This is a kernel bug in the ext4 filesystem kernel module. The patch you
> referenced is from the KVM repo that is branched off of Linus' tree.

I just reported secunia advisory, let me investigate

Comment 3 Agostino Sarubbo gentoo-dev

2012-04-11 14:08:42 UTC

(In reply to comment #1)
> This is a kernel bug in the ext4 filesystem kernel module. The patch you
> referenced is from the KVM repo that is branched off of Linus' tree.

As you said this is completely invalid, I will poke secunia to know what's up.

Apologize for the mailspam.