oss-sec mailing list archives

Re: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests

From: Josh Bressers <bressers () redhat com>
Date: Thu, 23 Jun 2011 15:51:18 -0400 (EDT)



----- Original Message -----

NLM: Don't hang forever on NLM unlock requests

If the NLM daemon is killed on the NFS server, we can currently end up
hanging forever on an 'unlock' request, instead of aborting.  Basically,
if the rpcbind request fails, or the server keeps returning garbage, we
really want to quit instead of retrying.

Tested-by: Vasily Averin <vvs () sw ru>
Signed-off-by: Trond Myklebust <Trond.Myklebust () netapp com>
Cc: stable () kernel org

In English, it means that a local, unprivileged user could use the flock
system call on a NFS share to cause a denial of service.

https://bugzilla.redhat.com/show_bug.cgi?id=709393
http://git.kernel.org/linus/0b760113a3a155269a3fba93a409c640031dd68f


Please use CVE-2011-2491.

Thanks.

-- 
    JB

Current thread:

CVE request: kernel: NLM: Don't hang forever on NLM unlock requests Eugene Teo (Jun 23)
- Re: CVE request: kernel: NLM: Don't hang forever on NLM unlock requests Josh Bressers (Jun 23)