SUSE has issued an advisory on May 12:
https://lists.suse.com/pipermail/sle-security-updates/2022-May/010997.html
Upstream fix:
https://lore.kernel.org/linux-ext4/20220421173148.20193-1-lczerner@redhat.com/T/#u
https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=maint&id=ab51d587bb9b229b1fade1afd02e1574c1ba5c76
Mageia 8 may also be affected.
Status comment: (none) => Patch available from upstream
Equivalent openSUSE advisory: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HV3R6DJ424I5JBDSF3ZYYH63VRSXB65J/
Assigning to the registered e2fsprogs maintainer
Assignee: bugsquad => thierry.vignaud
CC: (none) => marja11
Ubuntu has issued an advisory for this on June 7: https://ubuntu.com/security/notices/USN-5464-1
Whiteboard: (none) => MGA8TOO
Suggested advisory:
========================
The updated packages fix a security vulnerability:
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. (CVE-2022-1304)
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1304
https://lists.suse.com/pipermail/sle-security-updates/2022-May/010997.html
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HV3R6DJ424I5JBDSF3ZYYH63VRSXB65J/
https://ubuntu.com/security/notices/USN-5464-1
========================
Updated packages in core/updates_testing:
========================
e2fsprogs-1.45.6-6.1.mga8
e2scrub-1.45.6-6.1.mga8
lib64com_err2-1.45.6-6.1.mga8
lib64com_err-devel-1.45.6-6.1.mga8
lib64ext2fs2-1.45.6-6.1.mga8
lib64ext2fs-devel-1.45.6-6.1.mga8
lib64ss2-1.45.6-6.1.mga8
lib64ss-devel-1.45.6-6.1.mga8
from SRPM:
e2fsprogs-1.45.6-6.1.mga8.src.rpm
CC: (none) => nicolas.salguero
Status comment: Patch available from upstream => (none)
Status: NEW => ASSIGNED
Whiteboard: MGA8TOO => (none)
CVE: (none) => CVE-2022-1304
Assignee: thierry.vignaud => qa-bugs
Source RPM: e2fsprogs-1.46.5-2.mga9.src.rpm => e2fsprogs-1.45.6-6.mga8.src.rpm
Version: Cauldron => 8
MGA8-64 MATE on Acer Aspire 5253
No installation issues.
Followed tests from bug 15208
At CLI:
$ cd /tmp
$ dd if=/dev/zero of=foo.img bs=1M count=8
8+0 records in
8+0 records out
8388608 bytes (8.4 MB, 8.0 MiB) copied, 0.0340864 s, 246 MB/s
$ /sbin/mkfs.ext3 foo.img
mke2fs 1.45.6 (20-Mar-2020)
Discarding device blocks: done
Creating filesystem with 8192 1k blocks and 2048 inodes
Allocating group tables: done
Writing inode tables: done
Creating journal (1024 blocks): done
Writing superblocks and filesystem accounting information: done
$ mkdir foofs
In second tab in MATE terminal
$ su -l
Password:
# cd /tmp/
# mount -t ext3 foo.img foofs
# ls
foofs/
foo.img
systemd-private-e34817189b004a78aba6c5d23d74f553-chronyd.service-0hhYQg/
systemd-private-e34817189b004a78aba6c5d23d74f553-colord.service-lyhz1e/
systemd-private-e34817189b004a78aba6c5d23d74f553-systemd-logind.service-8jH1cj/
systemd-private-e34817189b004a78aba6c5d23d74f553-upower.service-y8YRaj/
Temp-92df369d-02eb-41a3-b1e8-ec4afb0b8782/
TimeInfo.txt
TrcInfo.txt
# cp TimeInfo.txt foofs/
# umount foofs
then in first tab again
$ /sbin/dumpe2fs foo.img
dumpe2fs 1.45.6 (20-Mar-2020)
Filesystem volume name: <none>
Last mounted on: /tmp/foofs
Filesystem UUID: 198345a3-208e-4a8e-a552-f7e441f20506
Filesystem magic number: 0xEF53
Filesystem revision #: 1 (dynamic)
Filesystem features: has_journal ext_attr resize_inode dir_index filetype sparse_super large_file
Filesystem flags: signed_directory_hash
Default mount options: user_xattr acl
Filesystem state: clean
Errors behavior: Continue
Filesystem OS type: Linux
Inode count: 2048
Block count: 8192
Reserved block count: 409
Free blocks: 6856
Free inodes: 2036
First block: 1
Block size: 1024
Fragment size: 1024
Reserved GDT blocks: 31
Blocks per group: 8192
Fragments per group: 8192
Inodes per group: 2048
Inode blocks per group: 256
Filesystem created: Thu Oct 20 14:32:22 2022
Last mount time: Thu Oct 20 14:35:29 2022
Last write time: Thu Oct 20 14:39:32 2022
Mount count: 1
Maximum mount count: -1
Last checked: Thu Oct 20 14:32:22 2022
Check interval: 0 (<none>)
Lifetime writes: 30 kB
Reserved blocks uid: 0 (user root)
Reserved blocks gid: 0 (group root)
First inode: 11
Inode size: 128
Journal inode: 8
Default directory hash: half_md4
Directory Hash Seed: 71243e55-4a18-4b18-95bd-9abcea977d75
Journal backup: inode blocks
Journal features: (none)
Journal size: 1024k
Journal length: 1024
Journal sequence: 0x00000006
Journal start: 0
Group 0: (Blocks 1-8191)
  Primary superblock at 1, Group descriptors at 2-2
  Reserved GDT blocks at 3-33
  Block bitmap at 34 (+33)
  Inode bitmap at 35 (+34)
  Inode table at 36-291 (+35)
  6856 free blocks, 2036 free inodes, 2 directories
  Free blocks: 1335-7168, 7170-8191
  Free inodes: 13-2048
$ /sbin/fsck.ext3 foo.img
e2fsck 1.45.6 (20-Mar-2020)
foo.img: clean, 12/2048 files, 1336/8192 blocks
$ /usr/sbin/e2freefrag /tmp/foo.img
Device: /tmp/foo.img
Blocksize: 1024 bytes
Total blocks: 8192
Free blocks: 6856 (83.7%)
Min. free extent: 1022 KB
Max. free extent: 5834 KB
Avg. free extent: 3428 KB
Num. free extent: 2
HISTOGRAM OF FREE EXTENT SIZES:
Extent Size Range :  Free extents   Free Blocks  Percent
  512K... 1024K-  :             1          1022   14.91%
    4M...    8M-  :             1          5834   85.09%
All seems OK
Whiteboard: (none) => MGA8-64-OK
CC: (none) => herman.viaene
Validating. Advisory in Comment 4.
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update
Keywords: (none) => advisory
CC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0384.html
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED