|
Message-ID: <e7775dec-2573-d6d6-ddbd-063640a1b4f0@suse.com> Date: Fri, 27 Jan 2017 16:01:25 +0100 From: Andreas Stieger <astieger@...e.com> To: oss-security@...ts.openwall.com Subject: Re: Re: CVE request: linux kernel - local DoS with cgroup offline code On 11/05/2016 04:59 PM, cve-assign@...re.org wrote: > > A malicious user who can run an arbitrary image with a > non-privileged user > > in a Container-as-a-service cloud environment could use the exploit to > > deadlock the container nodes to deny the service for other users. > > > container> $ trinity -D --disable-fds=memfd --disable-fds=timerfd \ > > --disable-fds=pipes --disable-fds=testfile \ > > --disable-fds=sockets --disable-fds=perf \ > > --disable-fds=epoll --disable-fds=eventfd \ > > --disable-fds=drm > > > # systemctl status docker > > <hang...> > > > task kworker/45:4:146035 blocked for more than 120 seconds. > > > "cgroup is trying to offline a cpuset css, which > > takes place under cgroup_mutex. The offlining ends up trying to drain > > active usages of a sysctl table which apparently is not happening." > There is > > no fix at this time as far as I can tell. > > Use CVE-2016-9191. > Fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93362fa47fe98b62e4a34ab408c4a418432e7939 Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa v3.11-rc1...v4.10-rc4 Andreas -- Andreas Stieger <astieger@...e.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.