oss-sec mailing list archives
CVE request: kernel: inotify local DoS
From: Eugene Teo <eugene () redhat com>
Date: Fri, 06 Mar 2009 22:10:39 +0800
According to the upstream commit 3632dee2, if userspace supplies an invalid pointer to a read() of an inotify instance, the inotify device's event list mutex is unlocked twice. This causes an unbalance which effectively leaves the data structure unprotected, and we can trigger oopses by accessing the inotify instance from different tasks
concurrently. http://patchwork.kernel.org/patch/4857/ https://bugzilla.redhat.com/show_bug.cgi?id=488935 Thanks, Eugene -- Eugene Teo / Red Hat Security Response Team
Current thread:
- CVE request: kernel: inotify local DoS Eugene Teo (Mar 06)
- Re: CVE request: kernel: inotify local DoS Steven M. Christey (Mar 17)
- Re: CVE request: kernel: inotify local DoS Michael K. Johnson (Mar 18)
- Re: CVE request: kernel: inotify local DoS Eugene Teo (Mar 18)
- Re: CVE request: kernel: inotify local DoS Michael K. Johnson (Mar 19)
- Re: CVE request: kernel: inotify local DoS Michael K. Johnson (Mar 18)
- Re: CVE request: kernel: inotify local DoS Steven M. Christey (Mar 17)