Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 24 Feb 2010 09:18:35 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE request: kernel: NFS DoS related to "automount" symlinks

fix LOOKUP_FOLLOW on automount "symlinks"

"Make sure that automount "symlinks" are followed regardless of 
LOOKUP_FOLLOW; it should have no effect on them."

Upstream commit:
http://git.kernel.org/linus/ac278a9c505092dd82077a2446af8f9fc0d9c095

Note:
+ * This is a temporary kludge to deal with "automount" symlinks; proper
+ * solution is to trigger them on follow_mount(), so that do_lookup()
+ * would DTRT.  To be killed before 2.6.34-final.

This affects kernels version 2.6.18 onwards.

https://bugzilla.redhat.com/show_bug.cgi?id=567813

Thanks, Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ