Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

EXT4 Gets Extra Protection Against Maliciously Crafted Container Images

Written by Michael Larabel in Linux Storage on 4 April 2018 at 11:36 AM EDT. 5 Comments

LINUX STORAGE

Given the booming popularity of Linux containers, it's little surprise but unfortunate that Linux file-systems are having to protect against specially-crafted file-system images by malicious actors looking to exploit vulnerabilities in the code.

Ted Ts'o today sent in the EXT4 Linux file-system updates and it's mostly mundane maintenance work with no major features this cycle. He did note of the bug fixes to protect against potentially malicious EXT4 file-system images.

Ted commented, "Cleanups and bugfixes for ext4, including some fixes to make ext4 more robust against maliciously crafted file system images. (I still don't recommend that container folks hold any delusions that mounting arbitary images that can be crafted by malicious attackers should be considered sane thing to do, though!)"

The roughly two dozen changes for EXT4 in Linux 4.17 can be found here.

5 Comments

Related News

Stratis Storage 3.5 Released With Encrypted Cache Support

OpenZFS 2.1.8 Released With Linux 6.1~6.2 Compatibility Updates, Bug Fixes

Linux Developers Eye Orphaning The JFS File-System

XFS Progressing On Defragmenting Free Space - Needed For Online Shrinking

OpenZFS Lands A Very Nice Performance Optimization

NTFS Driver Adds New Mount Options With Linux 6.2

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

MPV Player 0.35.1 Released With Wayland & PipeWire Fixes

Canonical Promotes Ubuntu Pro To General Availability

LibreOffice Removes Support For Some Old Targets: AIX, 32-bit s390 & More

RADV Graphics Pipeline Library Support Becoming Speedy, Aims For Mesa 23.1 Promotion

Intel Driver Enabling HF-EEODB For Linux 6.3 As Part Of HDMI 2.1 Compliance

Linux 6.2-rc6 Released & It's Suspiciously Small

Mesa 22.3.4 Brings Fix For RADV RT Build Performance To Match AMDVLK/AMDGPU-PRO

AMD Sends In More RDNA3 Graphics Driver Fixes For Linux 6.3