[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: Linux kernel: ext4: hang during mount(8)
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2013-04-26 17:07:01
Message-ID: 517AB435.5060108 () redhat ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/26/2013 06:03 AM, P J P wrote:
> Hi,
>
> Linux kernel built with an Ext4 filesystem is vulnerable to a
> system hang situation. It occurs while [auto]mounting a non-journal
> filesystem with an orphan list of inodes to clear.
>
> A user could use this flaw to stall the kernel resulting in DoS.
>
> Upstream fix: ------------- ->
> https://git.kernel.org/linus/0e9a9a1ad619e7e987815d20262d36a2f95717ca
>
> Reference: ---------- ->
> https://bugzilla.redhat.com/show_bug.cgi?id=957123
>
> Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A
> 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B
Please use CVE-2013-2015 for this issue.
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iQIcBAEBAgAGBQJRerQ1AAoJEBYNRVNeJnmT7gMQAJy++hdzwaUj4XiYWOlPWz9S
VrnKu5nP2949EgA6CndcHzKIDe+HP6hS5Q6Zcmw5g2dofTsvz672mLMXCh7FGc8f
4y1CEBzJ1Ov4AZ9xR5BFH2I9FhdggWPDtalnpygbBoB0n9F8uBPvhD2NpLYLR8dd
R2XW8rOU4d8VC85542MmeLQ/5b0tmoI//pWdk4uI7H8PMrNJKxFJiDzvWtaGi65U
s15ceIjIobkRZ1ZtExWp4j5+cDKD7iCKOaXAiXQkMeGKy4ohMVZJ7JUIQfwOfZIM
ZnR12cJPIgMEvFIkSE5wFg/iQfk8Or4tUfVMdJ9ctwZvYCyMuv+V7qjDoWePmW3f
6cQ36PfUjLgaheG4BLxiV4HMbxLHiGaRCg/h8KGWR7FK9FbhYhu4puKhB5DBDu+y
gJdX/2OTVPvDFzk70hTKcvxL9DjVzzaFERlADMHM3+hMKW1mV6xmR2TxTjxeq6ri
cBQNb5qWrVj3h1ApqPBrHvwnrJZ07UA6tVJ6UjlPX2ByrhgwC3s0pPqmGbm6jZBZ
++MZ++J6jVGJb2TpatBZkYT7Ou2Gd2ZN4rhzKsGaQqK4SUrH2Otna54JA2vxJO9k
3vvJCeh3KaAdceadSWbPqs+cWOZZ9tYZO8vq+ZdmyEr60nFDEC5MmRXFRhoLYCRI
dtuVHCQuwTB9BEMboMXF
=SP8D
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic