oss-sec mailing list archives
Re: CVE-2014-7975: 0-day umount denial of service
From: rf () q-leap de
Date: Thu, 9 Oct 2014 13:06:02 +0200
"Andy" == Andy Lutomirski <luto () amacapital net> writes:
Andy> I just screwed up and typoed my git send-email command, so Andy> there's now a publicly available exploit for a new umount bug. Andy> Fortunately this one isn't terribly serious, but it might be Andy> usable for more than just DoS if some daemon reacts poorly to Andy> being unable to write to the filesystem. Andy> http://thread.gmane.org/gmane.linux.kernel.stable/109312 Hmm, what damage is this supposed to do? I get (3.12.29): ql-front-t:/dev/pts# /root/remount-exploit /dev remount_ro, a DoS by Andy Lutomirski remount-exploit: umount: Device or resource busy Maybe you should specify what versions are supposed to be vulnerable -- Roland ------- http://www.q-leap.com / http://qlustar.com --- HPC / Storage / Cloud Linux Cluster OS ---
Current thread:
- CVE-2014-7975: 0-day umount denial of service Andy Lutomirski (Oct 08)
- Re: CVE-2014-7975: 0-day umount denial of service rf (Oct 09)
- Re: CVE-2014-7975: 0-day umount denial of service Andy Lutomirski (Oct 09)
- Re: CVE-2014-7975: 0-day umount denial of service rf (Oct 09)