From 291c45aaebb29078e32ff38f7b9998fd9fdfe167 Mon Sep 17 00:00:00 2001
From: Sona Sarmadi <sona.sarmadi@enea.com>
Date: Wed, 6 Apr 2016 08:53:36 +0200
Subject: kernel/Btrfs: CVE-2015-8374

Fixes an information-leak vulnerability in the kernel when it
truncated a file to a smaller size which consisted of an inline
extent that was compressed.
A caller of the clone ioctl could exploit this flaw by using only
standard file-system operations without root access to read the truncated data.

Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8374

Reference to upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=f1008f6d21ec52d533f7473e2e46218408fb4580

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
---
 recipes-kernel/linux/linux-hierofalcon_4.1.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'recipes-kernel/linux/linux-hierofalcon_4.1.bb')

diff --git a/recipes-kernel/linux/linux-hierofalcon_4.1.bb b/recipes-kernel/linux/linux-hierofalcon_4.1.bb
index 2141668..f528b53 100644
--- a/recipes-kernel/linux/linux-hierofalcon_4.1.bb
+++ b/recipes-kernel/linux/linux-hierofalcon_4.1.bb
@@ -36,6 +36,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-4.1;branch="standard/qemuarm64
            file://usb-CVE-2015-8816.patch \
            file://bpf-CVE-2016-2383.patch \
            file://ALSA-CVE-2016-2546.patch \
+           file://Btrfs-CVE-2015-8374.patch \
            "
 
 S = "${WORKDIR}/git"
-- 
cgit v1.2.3-54-g00ecf