Ubuntu Security Notice 4324-1 - Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Shijie Luo discovered that the ext4 file system implementation in the Linux kernel did not properly check for a too-large journal size. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Various other issues were also addressed.
3354b82b5136c0f1f9db6f7e2c046652c69628e3bd2119247ececc242c70ea9e