Nasty Linux kernel bug found and fixed

Most reported Linux “security” bugs actually aren’t Linux bugs. For example, security vendor CrowdStrike‘s report on the biggest Linux-based malware families was really about system administration security blunders with telnet, SSH, and Docker, not Linux at all. But, that doesn’t mean Linux doesn’t have security holes.  For example, a new nasty Linux kernel problem has just popped up.  

In this one, there’s a heap overflow bug in the legacy_parse_param in the Linux kernel’s fs/fs_context.c program. This parameter is used in Linux filesystems during superblock creation for mount and superblock reconfiguration for a remount. The superblock records all of a filesystem’s characteristics such as file size, block size, empty and filled storage blocks. So, yeah, it’s important. 

The legacy_parse_param() “PAGE_SIZE – 2 – size” calculation was mistakenly made an unsigned type. This means a large value of “size” results in a high positive value instead of a negative value as expected. Whoops. 

This, in turn, meant you copy data beyond the memory slab allocated for it. And, as all programmers know, writing beyond the memory your program is supposed to have access to is a terrible thing.

One big reason why Rust is being incorporated into Linux is that Rust makes this kind of

Read More: