List: oss-security
Subject: Re: [oss-security] Re: CVE request: linux kernel - local DoS with cgroup offline code
From: Andreas Stieger <astieger () suse ! com>
Date: 2017-01-27 15:01:25
Message-ID: e7775dec-2573-d6d6-ddbd-063640a1b4f0 () suse ! com
On 11/05/2016 04:59 PM, cve-assign@mitre.org wrote:
> > A malicious user who can run an arbitrary image with a non-privileged user
> > in a Container-as-a-service cloud environment could use the exploit to
> > deadlock the container nodes to deny the service for other users.
>
> > container> $ trinity -D --disable-fds=memfd --disable-fds=timerfd \
> > --disable-fds=pipes --disable-fds=testfile \
> > --disable-fds=sockets --disable-fds=perf \
> > --disable-fds=epoll --disable-fds=eventfd \
> > --disable-fds=drm
>
> > # systemctl status docker
> > <hang...>
>
> > task kworker/45:4:146035 blocked for more than 120 seconds.
>
> > "cgroup is trying to offline a cpuset css, which
> > takes place under cgroup_mutex. The offlining ends up trying to drain
> > active usages of a sysctl table which apparently is not happening." There is
> > no fix at this time as far as I can tell.
>
> Use CVE-2016-9191.
>
Fix:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93362fa47fe98b62e4a34ab408c4a418432e7939
Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa
v3.11-rc1...v4.10-rc4
Andreas
--
Andreas Stieger <astieger@suse.com>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)
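
A triage sketch for the range quoted in the message above, added here as an example and not part of the original post. It assumes that "v3.11-rc1...v4.10-rc4" means the introducing commit first appeared in the mainline tag v3.11-rc1 and the fix in v4.10-rc4; the function names and status strings are hypothetical.

```python
import platform
import re

# Range given in the message: v3.11-rc1...v4.10-rc4.
# Assumption: the introducing commit first appeared in v3.11-rc1 and the
# fix first appeared in v4.10-rc4 (mainline tags).
FINAL = 10**6                 # a final release sorts after all of its -rc tags
INTRODUCED = (3, 11, 1)       # (major, minor, rc)
FIXED = (4, 10, 4)

_RELEASE = re.compile(r"^v?(\d+)\.(\d+)(?:\.\d+)?(?:-rc(\d+))?")


def parse_release(release):
    """Reduce a `uname -r` string or git tag to (major, minor, rc)."""
    m = _RELEASE.match(release.strip())
    if m is None:
        raise ValueError("unrecognised kernel release: %r" % release)
    major, minor, rc = m.groups()
    return (int(major), int(minor), int(rc) if rc else FINAL)


def triage(release):
    """Classify a release against the mainline range from the message.

    The stable sublevel and any distribution suffix are ignored, and vendors
    backport in both directions, so every result is a starting point for
    checking the vendor changelog, not a confirmed status.
    """
    version = parse_release(release)
    if version < INTRODUCED:
        return "before-introducing-commit"
    if version >= FIXED:
        return "mainline-fix-included"
    return "in-mainline-range"


if __name__ == "__main__":
    # Constructed sample release strings, followed by the running kernel.
    for rel in ["3.10.0-514.el7.x86_64", "4.4.0-59-generic",
                "4.10.0-rc3", "v4.10-rc4", platform.release()]:
        try:
            print("%-28s %s" % (rel, triage(rel)))
        except ValueError as exc:
            print("%-28s skipped (%s)" % (rel, exc))
```

For a kernel reported as in-mainline-range, the deciding check is whether the vendor or stable changelog lists the fix commit linked in the message.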