Date: Thu, 02 Oct 2014 00:05:45 +0200 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: oss-security@...ts.openwall.com Subject: xfs directory hash ordering bug Hello! Another kernel bug which did not get a CVE yet, but should be considered to get one (sorry for the late notification): https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c88547a8119e3b581318ab65e9b72f27f23e641d Basically it allows a local user to corrupt a xfs filesystem by just creating directories. Depending on whether it is the root filesystem or not the kernel panics or just oopses and forcefully disconnects the filesystem. The commit states that xfs_repair repairs the filesystem but IIRC further access to that directory would still cause the kernel to either oops or panic. So xfs_repair could not correctly fix the filesystem in all situations. But I am not sure anymore and didn't follow up on this (I had a relocation coming up). My initial report here: http://marc.info/?l=linux-xfs&m=139590613002926&w=2 Reproducer: http://oss.sgi.com/cgi-bin/gitweb.cgi?p=xfs/cmds/xfstests.git;a=commitdiff;h=947ee8bd4b59770534297572b14c695e9c6e001e Thanks, Hannes
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.