VulnerabilityHistoryProject / vulnerabilities

Hand-written curations for vulnerability history

CVE-2012-2669 and CVE-2019-15538 #122

Closed oliviagallucci closed 1 year ago

oliviagallucci commented 1 year ago

Set curation level to 2.

CVE-2019-15538 An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS. Source: http://cve.circl.lu/cve/CVE-2019-15538

CVE-2012-2669 The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message. Source: http://cve.circl.lu/cve/CVE-2012-2669
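The origin check that the CVE-2012-2669 description says is missing, as an added example (not code from this pull request or from hv_kvp_daemon.c). The helper name and the sample message are hypothetical and constructed; the check relies on the kernel sending netlink messages with port ID (nl_pid) 0 in the sender address that recvfrom() reports.

```c
#include <string.h>
#include <sys/socket.h>
#include <linux/netlink.h>

/* Hypothetical helper: decide whether a datagram read with recvfrom() on a
 * netlink socket may be processed. Returns 1 to accept, 0 to drop. */
int nl_msg_from_kernel(const struct sockaddr_nl *from, socklen_t fromlen,
                       const void *buf, int len)
{
    const struct nlmsghdr *nlh = buf;

    /* The sender address must be a complete netlink address. */
    if (fromlen != sizeof(*from) || from->nl_family != AF_NETLINK)
        return 0;
    /* Port ID 0 is the kernel; anything else is a userspace sender. */
    if (from->nl_pid != 0)
        return 0;
    /* The header must fit in, and not claim more than, what was received. */
    if (!NLMSG_OK(nlh, len))
        return 0;
    return 1;
}

/* Constructed sample: one netlink message with room for a 4-byte payload,
 * plus the sender address recvfrom() would have filled in for it. */
int demo_check(unsigned int sender_pid, unsigned int claimed_len)
{
    union { struct nlmsghdr h; char raw[NLMSG_SPACE(4)]; } msg;
    struct sockaddr_nl from;

    memset(&msg, 0, sizeof(msg));
    memset(&from, 0, sizeof(from));
    msg.h.nlmsg_len = claimed_len;   /* length the sender claims */
    msg.h.nlmsg_type = NLMSG_DONE;
    from.nl_family = AF_NETLINK;
    from.nl_pid = sender_pid;        /* 0 = kernel, non-zero = a process */
    return nl_msg_from_kernel(&from, sizeof(from), &msg, (int)sizeof(msg));
}
```

A daemon that reads with recv() never sees the sender address, so it cannot make this distinction; the check needs recvfrom() or recvmsg().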

ghost commented 1 year ago

It appears that you are still working on filling out your yml files. This is causing the CI to fail. Make sure to reach out to Professor Keller if you need any help or are confused!

oliviagallucci commented 1 year ago

Hi! I had to do an incomplete this semester due to medical issues. I am starting this again now :)

andymeneely commented 1 year ago

FYI, I just updated the unit tests to give more specific output (it wasn't telling you which file was failing). I'm going to hit "update branch" and it'll rerun the tests. On your side, just make sure you pull before you push. Or, if you commit before pushing, do git pull --rebase to fix. I'm happy to help later on!