803212 – (CVE-2021-33909) kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)

Bug 803212 (CVE-2021-33909) - kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)

Summary: kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2...

Status:	RESOLVED FIXED

Alias:	CVE-2021-33909

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	Normal critical (vote)
Assignee:	Gentoo Kernel Security

URL:	https://www.qualys.com/2021/07/20/cve...
Whiteboard:	A1
Keywords:

Depends on:	803092 803095
Blocks:
	Show dependency tree

Reported:	2021-07-21 12:15 UTC by Thomas Deutschmann (RETIRED)
Modified:	2022-03-26 01:31 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Deutschmann (RETIRED) gentoo-dev

2021-07-21 12:15:50 UTC

An out-of-bounds write flaw was found in the Linux kernel's seq_file in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash or a leak of internal kernel information.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2021-07-21 12:23:44 UTC

Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b

Included in:

>=linux-5.13.4
>=linux-5.10.52
>=linux-5.4.134
>=linux-4.19.198
>=linux-4.14.240
>=linux-4.9.276
>=linux-4.4.276

Comment 2 John Helmert III archtester

2021-07-22 14:46:45 UTC

These kernels were stabilized before this bug was opened.

Comment 3 Larry the Git Cow gentoo-dev

2021-07-23 21:42:19 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b9a1ff8f90810a533a7c11c6c145e61f69d1974

commit 6b9a1ff8f90810a533a7c11c6c145e61f69d1974
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: 2021-07-23 21:40:33 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2021-07-23 21:42:10 +0000

    package.mask: Last rite sys-kernel/bliss-kernel-bin
    
    Bug: https://bugs.gentoo.org/803212
    Signed-off-by: Michał Górny <mgorny@gentoo.org>

 profiles/package.mask | 6 ++++++
 1 file changed, 6 insertions(+)

Comment 4 NATTkA bot gentoo-dev

2021-07-29 17:20:45 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 5 NATTkA bot gentoo-dev

2021-07-29 17:28:51 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 6 NATTkA bot gentoo-dev

2021-07-29 17:36:48 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 7 NATTkA bot gentoo-dev

2021-07-29 17:44:50 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 8 NATTkA bot gentoo-dev

2021-07-29 17:52:54 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 9 NATTkA bot gentoo-dev

2021-07-29 17:56:50 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 10 NATTkA bot gentoo-dev

2021-07-29 18:00:50 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 11 NATTkA bot gentoo-dev

2021-07-29 18:09:07 UTC

Package list is empty or all packages have requested keywords.

Comment 12 John Helmert III archtester

2022-03-26 01:31:01 UTC

(In reply to John Helmert III from comment #2)
> These kernels were stabilized before this bug was opened.

...and now we've long been cleaned up.