Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <28fa9c5e0811270517w6f16eef8wd9c0a70f6162d408@mail.gmail.com>
Date: Thu, 27 Nov 2008 21:17:46 +0800
From: "Eugene Teo" <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
Subject: CVE request: kernel: fix soft lockups/OOM issues with unix garbage collector

This bug is different from CVE-2008-5029, but it can be triggered by
the same reproducers. It requires a CVE name.

"Reported and fixed by Dann Frazier <dannf@...com>:
This is an implementation of David Miller's suggested fix in:
  https://bugzilla.redhat.com/show_bug.cgi?id=470201

Paraphrasing the description from the above report, it makes sendmsg()
block while UNIX garbage collection is in progress. This avoids a
situation where child processes continue to queue new FDs over a
AF_UNIX socket to a parent
which is in the exit path and running garbage collection on these FDs.
This contention can result in soft lockups and oom-killing of
unrelated processes."

Reproducers:
https://bugzilla.redhat.com/show_bug.cgi?id=470201#c1
https://bugzilla.redhat.com/show_bug.cgi?id=470201#c7

References:
https://bugzilla.redhat.com/show_bug.cgi?id=470201
http://article.gmane.org/gmane.comp.security.oss.general/1223
http://marc.info/?l=linux-netdev&m=122721862313564&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=473259

Patch:
http://marc.info/?l=linux-netdev&m=122771908731133&w=2

Thanks, Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.