Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 28 Feb 2012 09:09:26 -0700
From: Kurt Seifried <>
Subject: Re: CVE request -- kernel: cifs: dentry refcount leak
 when opening a FIFO on lookup leads to panic on unmount

On 02/28/2012 08:15 AM, Petr Matousek wrote:
> The cifs code will attempt to open files on lookup under certain
> circumstances. What happens though if we find that the file we opened
> was actually a FIFO or other special file? Currently, the open
> filehandle just ends up being leaked leading to a dentry refcount
> mismatch and oops on umount.
> An unprivileged local user could use this flaw to crash the system.
> Introduced by:
> a6ce4932fbdbcd8f8e8c6df76812014351c32892 (Linux kernel 2.6.31)
> Proposed upstream patch:
> References:
> Thanks,

Please use CVE-2012-1090 for this issue.

Kurt Seifried Red Hat Security Response Team (SRT)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ