oss-sec mailing list archives
Re: CVE request - kernel: xfs: stale data exposure
From: Josh Bressers <bressers () redhat com>
Date: Thu, 19 Aug 2010 15:34:24 -0400 (EDT)
Please use CVE-2010-2943

Thanks.

--
JB

----- "Eugene Teo" <eugene () redhat com> wrote:

> An issue was found in the XFS filehandle conversion where inodes that are
> deleted may return as valid files as XFS does not verify the inode numbers
> in the file handles, i.e. allowing access to deleted data.
>
> The test program that demonstrates the issue via the open_by_handle
> interface can be found here:
> http://oss.sgi.com/archives/xfs/2010-06/msg00191.html.
>
> [PATCH 1/4] xfs: always use iget in bulkstat
> http://article.gmane.org/gmane.comp.file-systems.xfs.general/33770
>
> [PATCH 2/4] xfs: validate untrusted inode numbers during lookup
> http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771
>
> The following patch is needed too to address a regression introduced by
> the patches above:
> http://oss.sgi.com/archives/xfs/2010-08/msg00179.html.
>
> Reference:
> https://bugzilla.redhat.com/show_bug.cgi?id=624923
>
> Thanks, Eugene
> --
> main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Current thread:
- CVE request - kernel: xfs: stale data exposure Eugene Teo (Aug 17)
- Re: CVE request - kernel: xfs: stale data exposure Josh Bressers (Aug 19)