|
Fixes an information-leak vulnerability in the kernel when it
truncated a file to a smaller size which consisted of an inline
extent that was compressed.
A caller of the clone ioctl could exploit this flaw by using only
standard file-system operations without root access to read the truncated data.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8374
Reference to upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=f1008f6d21ec52d533f7473e2e46218408fb4580
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|