Date: Thu, 27 Nov 2008 21:17:46 +0800 From: "Eugene Teo" <eugeneteo@...nel.sg> To: oss-security@...ts.openwall.com Subject: CVE request: kernel: fix soft lockups/OOM issues with unix garbage collector This bug is different from CVE-2008-5029, but it can be triggered by the same reproducers. It requires a CVE name. "Reported and fixed by Dann Frazier <dannf@...com>: This is an implementation of David Miller's suggested fix in: https://bugzilla.redhat.com/show_bug.cgi?id=470201 Paraphrasing the description from the above report, it makes sendmsg() block while UNIX garbage collection is in progress. This avoids a situation where child processes continue to queue new FDs over a AF_UNIX socket to a parent which is in the exit path and running garbage collection on these FDs. This contention can result in soft lockups and oom-killing of unrelated processes." Reproducers: https://bugzilla.redhat.com/show_bug.cgi?id=470201#c1 https://bugzilla.redhat.com/show_bug.cgi?id=470201#c7 References: https://bugzilla.redhat.com/show_bug.cgi?id=470201 http://article.gmane.org/gmane.comp.security.oss.general/1223 http://marc.info/?l=linux-netdev&m=122721862313564&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=473259 Patch: http://marc.info/?l=linux-netdev&m=122771908731133&w=2 Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.