Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.51.0906061342330.28142@faron.mitre.org>
Date: Sat, 6 Jun 2009 13:43:33 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: kernel: splice local denial of
 service


======================================================
Name: CVE-2009-1961
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1961
Reference: MLIST:[oss-security] 20090529 CVE request: kernel: splice local denial of service
Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/29/2
Reference: MLIST:[oss-security] 20090530 Re: CVE request: kernel: splice local denial of service
Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/30/1
Reference: MLIST:[oss-security] 20090602 Re: CVE request: kernel: splice local denial of service
Reference: URL:http://www.openwall.com/lists/oss-security/2009/06/02/2
Reference: MLIST:[oss-security] 20090603 Re: CVE request: kernel: splice local denial of service
Reference: URL:http://www.openwall.com/lists/oss-security/2009/06/03/1
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=7bfac9ecf0585962fe13584f5cf526d8c8e76f17
Reference: BID:35143
Reference: URL:http://www.securityfocus.com/bid/35143
Reference: SECTRACK:1022307
Reference: URL:http://securitytracker.com/id?1022307

The inode double locking code in fs/ocfs2/file.c in the Linux kernel
2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4,
and possibly other versions down to 2.6.19 allows local users to cause a
denial of service (prevention of file creation and removal) via a series
of splice system calls that trigger a deadlock between the
generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write
functions.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.