Date: Thu, 23 Jun 2011 15:18:58 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: "Steven M. Christey" <coley@...us.mitre.org> Subject: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests NLM: Don't hang forever on NLM unlock requests If the NLM daemon is killed on the NFS server, we can currently end up hanging forever on an 'unlock' request, instead of aborting. Basically, if the rpcbind request fails, or the server keeps returning garbage, we really want to quit instead of retrying. Tested-by: Vasily Averin <vvs@...ru> Signed-off-by: Trond Myklebust <Trond.Myklebust@...app.com> Cc: stable@...nel.org In English, it means that a local, unprivileged user could use the flock system call on a NFS share to cause a denial of service. https://bugzilla.redhat.com/show_bug.cgi?id=709393 http://git.kernel.org/linus/0b760113a3a155269a3fba93a409c640031dd68f Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ