Message-ID: <20100422052524.GA30238@lackof.org>
Date: Wed, 21 Apr 2010 23:25:24 -0600
From: dann frazier <dannf@...ian.org>
To: oss-security@...ts.openwall.com
Cc: coley@...us.mitre.org
Subject: Re: CVE-2010-0727 kernel: gfs/gfs2 locking code DoS flaw

On Fri, Mar 12, 2010 at 01:17:55PM +0800, Eugene Teo wrote:
> static int
> gfs_lock(struct file *file, int cmd, struct file_lock *fl)
> {
> ..
>         if ((ip->i_di.di_mode & (S_ISGID | S_IXGRP)) == S_ISGID)
>                 return -ENOLCK;
> ..
> }
>
> This is a check for mandatory locking where the GFS/GFS2 locking code  
> will skip the lock in case sgid bits are set for the file. This can be  
> triggered to cause a crash on a system mounting a GFS/GFS2 filesystem.
>
> I believe only GFS2 is part of the upstream kernel, and GFS only affects  
> Red Hat Enterprise Linux.
>
> https://bugzilla.redhat.com/CVE-2010-0727
> http://lkml.org/lkml/2010/3/11/269

Looks like a similar issue existed in 9p - can we allocate another CVE
for it?

commit f78233dd44a110c574fe760ad6f9c1e8741a0d00
Author: Sachin Prabhu <sprabhu@...hat.com>
Date:   Sat Mar 13 09:03:55 2010 -0600

    9p: Skip check for mandatory locks when unlocking

-- 
dann frazier
