Date: Wed, 13 Jul 2011 10:50:02 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple
 of blksize

The GFS2 fallocate code chooses a target size for allocating chunks
of space. Whenever it can't find any resource groups with enough space
free, it halves its target. Since this target is in bytes, eventually it
will no longer be a multiple of blksize. As long as there is more space
available in the resource group than the target, this isn't a problem,
since gfs2 will use the actual space available, which is always a
multiple of blksize. However, when gfs couldn't fallocate a bigger chunk
than the target, it was using the non-blksize aligned number. This
caused a BUG in later code that required blksize aligned offsets.

Upstream commit:
http://git.kernel.org/linus/6905d9e4dda6112f007e9090bca80507da158e63

Reference:
https://bugzilla.redhat.com/CVE-2011-2689

Thanks, Eugene
@eugeneteo
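
Added example, not part of the original post and not the kernel's code: a small C model of the halving behaviour described above, showing how a byte target that starts as a block multiple stops being one after a retry, and how rounding the halved value down to blksize keeps it aligned. The function names, the 4096-byte block size and the extent sizes are constructed for illustration; the model covers only the case where the target itself ends up being used as the chunk length.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model (not kernel code). largest_free is the biggest free
 * extent in any resource group, always a multiple of blksize.
 * Returns the byte length used for the chunk, or 0 for "no space". */
static uint64_t pick_chunk(uint64_t target, uint64_t largest_free,
                           uint64_t blksize, int keep_aligned)
{
    uint64_t mask = ~(blksize - 1);      /* blksize is a power of two */

    while (target > largest_free) {
        if (target <= blksize)
            return 0;                    /* cannot shrink any further */
        target >>= 1;                    /* halve the byte target */
        if (keep_aligned) {
            target &= mask;              /* round down to a block multiple */
            if (target == 0)
                target = blksize;        /* never drop below one block */
        }
    }
    return target;
}

static int is_block_aligned(uint64_t len, uint64_t blksize)
{
    return (len & (blksize - 1)) == 0;
}

int main(void)
{
    /* Constructed values: 4 KiB blocks, 5-block target, 3-block extent. */
    const uint64_t blksize = 4096, target = 5 * 4096, free_ext = 3 * 4096;
    uint64_t before = pick_chunk(target, free_ext, blksize, 0);
    uint64_t after  = pick_chunk(target, free_ext, blksize, 1);

    printf("halving only:     %llu bytes, aligned=%d\n",
           (unsigned long long)before, is_block_aligned(before, blksize));
    printf("halving + mask:   %llu bytes, aligned=%d\n",
           (unsigned long long)after, is_block_aligned(after, blksize));
    return 0;
}
```

With these constructed inputs a single halving already turns 5 blocks into 2.5 blocks, which is the kind of non-aligned length the later code rejected with a BUG.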
