[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request - gfs2 kernel issue
From:       Josh Bressers <bressers () redhat ! com>
Date:       2010-04-28 0:09:26
Message-ID: 1601861696.2004901272413366763.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

Please use CVE-2010-1436

Thanks.

-- 
    JB


----- "Eugene Teo" <eugene@redhat.com> wrote:

> When a struct gfs2_quota straddles a page boundary, the two pages 
> required to write out the complete quota were not being updated. 
> Instead, the first page was being written beyond its end. This buffer
> 
> overflow can cause a kernel panic. Since only the value field in
> struct 
> gfs2_quota needs to be updated and it's a 64-bit quantity that doesn't
> 
> ever straddle a page boundary by itself, we can seek to the proper
> page 
> where this value lies and write to it.
> 
> Steps to reproduce:
> https://bugzilla.redhat.com/show_bug.cgi?id=586006
> 
> My colleague will be posting the patch for the upstream kernel soon.
> 
> Thanks, eugene
[prev in list] [next in list] [prev in thread] [next in thread]