|
Message-ID: <Pine.GSO.4.51.0906061342330.28142@faron.mitre.org> Date: Sat, 6 Jun 2009 13:43:33 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com Subject: Re: CVE request: kernel: splice local denial of service ====================================================== Name: CVE-2009-1961 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1961 Reference: MLIST:[oss-security] 20090529 CVE request: kernel: splice local denial of service Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/29/2 Reference: MLIST:[oss-security] 20090530 Re: CVE request: kernel: splice local denial of service Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/30/1 Reference: MLIST:[oss-security] 20090602 Re: CVE request: kernel: splice local denial of service Reference: URL:http://www.openwall.com/lists/oss-security/2009/06/02/2 Reference: MLIST:[oss-security] 20090603 Re: CVE request: kernel: splice local denial of service Reference: URL:http://www.openwall.com/lists/oss-security/2009/06/03/1 Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=7bfac9ecf0585962fe13584f5cf526d8c8e76f17 Reference: BID:35143 Reference: URL:http://www.securityfocus.com/bid/35143 Reference: SECTRACK:1022307 Reference: URL:http://securitytracker.com/id?1022307 The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.