Date: Fri, 12 Mar 2010 13:17:55 +0800
From: Eugene Teo <>
Subject: CVE-2010-0727 kernel: gfs/gfs2 locking code DoS flaw

static int
gfs_lock(struct file *file, int cmd, struct file_lock *fl)
         if ((ip->i_di.di_mode & (S_ISGID | S_IXGRP)) == S_ISGID)
                 return -ENOLCK;

This is a check for mandatory locking where the GFS/GFS2 locking code 
will skip the lock in case sgid bits are set for the file. This can be 
triggered to cause a crash on a system mounting a GFS/GFS2 filesystem.

I believe only GFS2 is part of the upstream kernel, and GFS only affects 
Red Hat Enterprise Linux.

Thanks, Eugene
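
Added example, not part of the original message or of the kernel source: a small audit helper that applies the same mode test as the quoted line (setgid set, group-execute clear) to regular files named on the command line, so an administrator can see which files on a GFS/GFS2 mount would take that branch. The names is_mandlock_mode and check_path are hypothetical, and only regular files are reported.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Same expression as the quoted gfs_lock() line: the file is a
 * mandatory-locking candidate when setgid is set and group-execute is clear. */
static int is_mandlock_mode(mode_t mode)
{
    return (mode & (S_ISGID | S_IXGRP)) == S_ISGID;
}

/* Returns 1 if path is a regular file with that mode, 0 if it is not,
 * and -1 if the file cannot be examined. */
static int check_path(const char *path)
{
    struct stat sb;

    if (stat(path, &sb) != 0)
        return -1;
    if (!S_ISREG(sb.st_mode))   /* setgid directories are not candidates */
        return 0;
    return is_mandlock_mode(sb.st_mode);
}

int main(int argc, char **argv)
{
    int found = 0;

    for (int i = 1; i < argc; i++) {
        int r = check_path(argv[i]);
        if (r < 0) {
            perror(argv[i]);
        } else if (r == 1) {
            printf("setgid without group-execute: %s\n", argv[i]);
            found = 1;
        }
    }
    /* Non-zero exit status when at least one candidate was found. */
    return found;
}
```

Feed it the regular files of one mount, for example from find with -xdev, and clear the setgid bit on any reported file that does not need it.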
