oss-security - Re: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Thu, 23 Jun 2011 15:51:18 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: NLM: Don't hang forever on
 NLM unlock requests



----- Original Message -----
> NLM: Don't hang forever on NLM unlock requests
> 
> If the NLM daemon is killed on the NFS server, we can currently end up
> hanging forever on an 'unlock' request, instead of aborting.  Basically,
> if the rpcbind request fails, or the server keeps returning garbage, we
> really want to quit instead of retrying.
> 
> Tested-by: Vasily Averin <vvs@...ru>
> Signed-off-by: Trond Myklebust <Trond.Myklebust@...app.com>
> Cc: stable@...nel.org
> 
> In English, it means that a local, unprivileged user could use the flock
> system call on a NFS share to cause a denial of service.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=709393
> http://git.kernel.org/linus/0b760113a3a155269a3fba93a409c640031dd68f
> 

Please use CVE-2011-2491.

Thanks.

-- 
    JB

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.