Date: Wed, 24 Nov 2010 08:06:00 -0500 (EST) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request: xen: request-processing loop is unbounded in blkback Please use CVE-2010-4247. Thanks. -- JB ----- "Eugene Teo" <eugene@...hat.com> wrote: > If the frontend pass a bad index of production request, the backend > will > enter an endless loop and then cause a excessive CPU consumption. A > Xen > guest can cause the Xen host to be unresponsive. > > This issue has been fixed in upstream by: > changeset: 391:77f831cbb91d > user: Keir Fraser <keir.fraser@...rix.com> > date: Fri Jan 18 16:52:25 2008 +0000 > summary: blkback: Request-processing loop is unbounded and hence > requires a > http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d > > changeset: 392:7070d34f251c > user: Keir Fraser <keir.fraser@...rix.com> > date: Mon Jan 21 11:43:31 2008 +0000 > summary: blkback/blktap: Check for kthread_should_stop() in inner > loop, > http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c > > Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.