-General@ +HDFS-dev@ Hi Akira, Thanks for pointing out this CVE before my users come asking. Would you be able to point to a JIRA ticket describing this issue? I see a few[1] which look to align roughly to the release but do not grok why they would trigger a CVE[2]. Also is this CVE only to do with the inability of rolling-back to a 2.7.x release?
-Clay [1]: Tickets which seem to be similar: *HDFS-13314 - NameNode should optionally exit if it detects FsImage corruption *HDFS-13101 - Yet another fsimage corruption related to snapshot *HDFS-13596 - NN restart fails after RollingUpgrade from 2.x to 3.x *[2]: I am under the impression CVE's were to track security related vulnerabilities? From: aajis...@apache.org At: 10/03/19 21:30:33To: gene...@hadoop.apache.org, secur...@hadoop.apache.org Subject: CVE-2018-11768: HDFS FSImage Corruption CVE-2018-11768: HDFS FSImage Corruption Severity: Critical Vendor: The Apache Software Foundation Versions affected: 3.1.0 to 3.1.1, 3.0.0-alpha1 to 3.0.3, 2.9.0 to 2.9.1, 2.0.0-alpha to 2.8.4 Description: There is a mismatch in the size of the fields used to store user/group information between memory and disk representation. This causes the user/group information to be corrupted across storing in fsimage and reading back from fsimage. Mitigation: Users should upgrade to Apache Hadoop 2.8.5, 2.9.2, 3.1.2 or upper. This vulnerability fix contains a fsimage layout change, so once the image is saved in the new layout format you cannot go back to a version that doesn’t support the newer layout. This means that once 2.7.x users upgraded to the fixed version, they cannot downgrade to 2.7.x because there is no fixed version in 2.7.x. We suggest downgrade to 2.8.5 or upper version that contains the vulnerability fix. Credit: This issue was discovered by Ekanth Sethuramalingam.
