Date: Wed, 13 Jul 2011 10:50:02 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: "Steven M. Christey" <coley@...us.mitre.org> Subject: CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize The GFS2 fallocate code chooses a target size to for allocating chunks of space. Whenever it can't find any resource groups with enough space free, it halves its target. Since this target is in bytes, eventually it will no longer be a multiple of blksize. As long as there is more space available in the resource group than the target, this isn't a problem, since gfs2 will use the actual space available, which is always a multiple of blksize. However, when gfs couldn't fallocate a bigger chunk than the target, it was using the non-blksize aligned number. This caused a BUG in later code that required blksize aligned offsets. Upstream commit: http://git.kernel.org/linus/6905d9e4dda6112f007e9090bca80507da158e63 Reference: https://bugzilla.redhat.com/CVE-2011-2689 Thanks, Eugene @eugeneteo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.