
List:       oss-security
Subject:    Re: [oss-security] CVE-2010-0727 kernel: gfs/gfs2 locking code DoS
From:       dann frazier <dannf () debian ! org>
Date:       2010-04-22 5:25:24
Message-ID: 20100422052524.GA30238 () lackof ! org

On Fri, Mar 12, 2010 at 01:17:55PM +0800, Eugene Teo wrote:
> static int
> gfs_lock(struct file *file, int cmd, struct file_lock *fl)
> {
> ..
>         if ((ip->i_di.di_mode & (S_ISGID | S_IXGRP)) == S_ISGID)
>                 return -ENOLCK;
> ..
> }
>
> This is a check for mandatory locking where the GFS/GFS2 locking code
> will skip the lock in case sgid bits are set for the file. This can be
> triggered to cause a crash on a system mounting a GFS/GFS2 filesystem.
>
> I believe only GFS2 is part of the upstream kernel, and GFS only affects
> Red Hat Enterprise Linux.
>
> https://bugzilla.redhat.com/CVE-2010-0727
> http://lkml.org/lkml/2010/3/11/269

Looks like a similar issue existed in 9p - can we allocate another CVE
for it?

commit f78233dd44a110c574fe760ad6f9c1e8741a0d00
Author: Sachin Prabhu <sprabhu@redhat.com>
Date:   Sat Mar 13 09:03:55 2010 -0600

    9p: Skip check for mandatory locks when unlocking

-- 
dann frazier
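As an added example, not code from either mail or from the kernel: the mode test from the quoted gfs_lock() snippet placed beside a variant that applies the rule in the 9p commit title, skipping the mandatory-lock check when the call is an unlock. The one-entry lock table, the modes and the helper names are constructed for the illustration; the kernel's real lock lists are not modelled.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>

/* Mandatory-locking mode test from the quoted snippet:
 * setgid set, group-execute clear. */
static bool mandatory_lock_mode(mode_t mode)
{
    return (mode & (S_ISGID | S_IXGRP)) == S_ISGID;
}

/* Original behaviour: refuse every lock call, unlock included.
 * `held` is a constructed stand-in for the file's lock entry. */
static int lock_original(mode_t mode, int fl_type, int *held)
{
    if (mandatory_lock_mode(mode))
        return -ENOLCK;
    *held = (fl_type != F_UNLCK);
    return 0;
}

/* Variant following the commit title (assumed shape, not the kernel
 * patch): only refuse new locks, always let an unlock through. */
static int lock_fixed(mode_t mode, int fl_type, int *held)
{
    if (mandatory_lock_mode(mode) && fl_type != F_UNLCK)
        return -ENOLCK;
    *held = (fl_type != F_UNLCK);
    return 0;
}

/* Sequence the check mishandles: take a lock while the mode is ordinary,
 * then the file becomes setgid without group-exec, then unlock.
 * Returns 1 if the lock entry is still present after the unlock attempt,
 * 0 if the unlock went through, -1 if the initial lock failed. */
static int held_after_chmod(int (*op)(mode_t, int, int *))
{
    int held = 0;
    mode_t mode = 0644;            /* constructed: plain regular file */
    if (op(mode, F_WRLCK, &held))  /* lock succeeds under both variants */
        return -1;
    mode = 02644;                  /* constructed: g+s set, g+x clear */
    op(mode, F_UNLCK, &held);      /* original refuses with -ENOLCK here */
    return held;
}

int main(void)
{
    printf("original: lock still held after unlock = %d\n", held_after_chmod(lock_original));
    printf("fixed:    lock still held after unlock = %d\n", held_after_chmod(lock_fixed));
    return 0;
}
```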
