oss-sec mailing list archives

CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages()

From: Salvatore Bonaccorso <carnil () debian org>
Date: Sun, 24 Jan 2016 07:47:46 +0100

Hi

Can you assign a CVE for the following issue found

https://bugzilla.redhat.com/show_bug.cgi?id=1290642

A patch was posted to fix an issue regarding unkillable task eating
CPU.

The problem is in the fuse_fill_write_pages() function.  When a user
calls the sys_writev syscall with specially crafted sequence of iovs
the kernel function may never terminate and continue in a tight loop,
the process is unable to be killed.


Introduced in:
https://git.kernel.org/linus/ea9b9907b82a09bd1a708004454f7065de77c5b0
(v2.6.26-rc1)

Fixed by:
https://git.kernel.org/linus/3ca8138f014a913f98e6ef40e939868e1e9ea876
(v4.4-rc5)

Regards,
Salvatore

Current thread:

CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages() Salvatore Bonaccorso (Jan 23)
- Re: CVE Request: Linux: fuse: possible denial of service in fuse_fill_write_pages() cve-assign (Jan 24)