Re: CVE-2010-0727 kernel: gfs/gfs2 locking code DoS flaw

[dann frazier <dannf () debian org>]

On Fri, Mar 12, 2010 at 01:17:55PM +0800, Eugene Teo wrote:
> static int
> gfs_lock(struct file *file, int cmd, struct file_lock *fl)
> {
> ..
>         if ((ip->i_di.di_mode & (S_ISGID | S_IXGRP)) == S_ISGID)
>                 return -ENOLCK;
> ..
> }
>
> This is a check for mandatory locking where the GFS/GFS2 locking code  
> will skip the lock in case sgid bits are set for the file. This can be  
> triggered to cause a crash on a system mounting a GFS/GFS2 filesystem.
>
> I believe only GFS2 is part of the upstream kernel, and GFS only affects  
> Red Hat Enterprise Linux.
>
> https://bugzilla.redhat.com/CVE-2010-0727
> http://lkml.org/lkml/2010/3/11/269

Looks like a similar issue existed in 9p - can we allocate another CVE
for it?

commit f78233dd44a110c574fe760ad6f9c1e8741a0d00
Author: Sachin Prabhu <sprabhu () redhat com>
Date:   Sat Mar 13 09:03:55 2010 -0600

    9p: Skip check for mandatory locks when unlocking

-- 
dann frazier