Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 Dec 2009 14:40:04 +0800
From: Eugene Teo <>
CC: Greg KH <>
Subject: CVE request - kernel: fuse_ioctl_copy_user() dos

Reported by David Shaw. There is a problem in the ioctl handler in the 
fuse kernel code that causes a panic under some circumstances.

fuse_ioctl_copy_user() was introduced in 59efec7b (v2.6.29-rc1, 
2008-11-26). This was fixed upstream but was missed in 2.6.30.y. The 
most recent 2.6.31/32.y kernels already have this fix. So this only 
affects distros that are still using 2.6.30.y.

Thanks, Eugene
Eugene Teo / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ