Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 28 Feb 2017 17:20:34 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: Linux: irda: Fix lockdep annotations in hashbin_delete()
 (CVE-2017-6348)

Hi

CVE-2017-6348 was assigned by MITRE to the following (via
https://cveform.mitre.org/):

https://git.kernel.org/linus/4c03b862b12f980456f9de92db6d508a4999b788

> irda: Fix lockdep annotations in hashbin_delete().
> 
> A nested lock depth was added to the hasbin_delete() code but it
> doesn't actually work some well and results in tons of lockdep splats.
> 
> Fix the code instead to properly drop the lock around the operation
> and just keep peeking the head of the hashbin queue.

Quoting a note from Ben Hutchins: "This actually changes locking, not just
lockdep annotations. So I think it fixes a potential deadlock."

The fix was as well backported to 4.9.13.

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ