oss-security April 2010 archive

Re: [oss-security] CVE-2010-0727 kernel: gfs/gfs2 locking code DoS flaw

From: dann frazier <dannf_at_nospam>
Date: Thu Apr 22 2010 - 05:25:24 GMT
To: oss-security@lists.openwall.com

On Fri, Mar 12, 2010 at 01:17:55PM +0800, Eugene Teo wrote:
> static int
> gfs_lock(struct file *file, int cmd, struct file_lock *fl)
> {
>         ..
>         if ((ip->i_di.di_mode & (S_ISGID | S_IXGRP)) == S_ISGID)
>                 return -ENOLCK;
>         ..
> }
>
> This is a check for mandatory locking where the GFS/GFS2 locking code
> will skip the lock in case sgid bits are set for the file. This can be
> triggered to cause a crash on a system mounting a GFS/GFS2 filesystem.
>
> I believe only GFS2 is part of the upstream kernel, and GFS only affects
> Red Hat Enterprise Linux.
>
> https://bugzilla.redhat.com/CVE-2010-0727
> http://lkml.org/lkml/2010/3/11/269

Looks like a similar issue existed in 9p - can we allocate another CVE
for it?

commit f78233dd44a110c574fe760ad6f9c1e8741a0d00
Author: Sachin Prabhu <sprabhu@redhat.com>
Date: Sat Mar 13 09:03:55 2010 -0600

    9p: Skip check for mandatory locks when unlocking

-- dann frazier