[Bug 13755] New: kernel: bug in GFS/GFS2 locking code leads to dos
Pardus Bugzilla
bugzilla-daemon at pardus.org.tr
12 Tem 2010 Pzt 10:20:20 EEST
http://bugs.pardus.org.tr/show_bug.cgi?id=13755
Summary: kernel: bug in GFS/GFS2 locking code leads to dos
Product: Güvenlik / Security
Version: unspecified
Platform: x86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: cekirdek / kernel
AssignedTo: security at pardus.org.tr
ReportedBy: eren at pardus.org.tr
CC: ozan at pardus.org.tr, security at pardus.org.tr
DESCRIPTION
===========
static int
gfs_lock(struct file *file, int cmd, struct file_lock *fl)
{
..
if ((ip->i_di.di_mode & (S_ISGID | S_IXGRP)) == S_ISGID)
return -ENOLCK;
..
}
This is a check for mandatory locking where the GFS/GFS2 locking code
will skip the lock in case sgid bits are set for the file. This can be
triggered to cause a crash on a system mounting a GFS/GFS2 filesystem.
SOLUTION
========
Apply the upstream patch
REFERENCES
==========
https://bugzilla.redhat.com/CVE-2010-0727
http://lkml.org/lkml/2010/3/11/269
--
Configure bugmail: http://bugs.pardus.org.tr/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Bugzilla mesaj listesiyle ilgili
daha fazla bilgi