fs/xfs: Fix out-of-bounds read
authorMichael Chang <mchang@suse.com>
Fri, 31 May 2024 07:14:57 +0000 (15:14 +0800)
committerFelix Zielcke <fzielcke@z-51.de>
Thu, 3 Jul 2025 16:35:51 +0000 (18:35 +0200)
commitc87d2e3edbc8dc725aa2c75fe6fcb8a51fc5c846
treed54e0fd97af92440fee7deb3a755c86b42b2bf07
parentd8d20c912ae569866ed0e5a898c50d78611587ef
fs/xfs: Fix out-of-bounds read

The number of records in the root key array read from disk was not being
validated against the size of the root node. This could lead to an
out-of-bounds read.

This patch adds a check to ensure that the number of records in the root
key array does not exceed the expected size of a root node read from
disk. If this check detects an out-of-bounds condition the operation is
aborted to prevent random errors due to metadata corruption.

Reported-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Gbp-Pq: Topic cve-2025-jan
Gbp-Pq: Name fs-xfs-Fix-out-of-bounds-read.patch
grub-core/fs/xfs.c