oss-sec mailing list archives

Re: CVE request: kernel: inotify memory leak

From: Eugene Teo <eugene () redhat com>
Date: Mon, 11 Apr 2011 11:32:23 +0800

On 11/24/2010 09:17 PM, Josh Bressers wrote:


----- "Eugene Teo"<eugene () redhat com>  wrote:

Reported by Vegard Nossum, if inotify_init is unable to allocate a new

file for the new inotify group we leak the new group.

Reproducer: http://lkml.org/lkml/2010/11/23/418 (this test case is
only
relevant if c44dcc56 (v2.6.34-rc1) is backported)

Issue was introduced in 63c882a0 (v2.6.31-rc1).

https://bugzilla.redhat.com/656830


Please use CVE-2010-4250

A regression was found. We assigned it with CVE-2011-1479. Fix for itcan be found at: http://git.kernel.org/linus/d0de4dc5. More info here:https://bugzilla.redhat.com/CVE-2011-1479.


Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Current thread:

Re: CVE request: kernel: inotify memory leak Eugene Teo (Apr 10)
- CVE-2011-1479 (was Re: [oss-security] CVE request: kernel: inotify memory leak) Eugene Teo (Apr 10)