oss-sec mailing list archives
Re: Re: CVE request: linux kernel - local DoS with cgroup offline code
From: Andreas Stieger <astieger () suse com>
Date: Fri, 27 Jan 2017 16:01:25 +0100
On 11/05/2016 04:59 PM, cve-assign () mitre org wrote:
A malicious user who can run an arbitrary image with anon-privileged userin a Container-as-a-service cloud environment could use the exploit to deadlock the container nodes to deny the service for other users.container> $ trinity -D --disable-fds=memfd --disable-fds=timerfd \ --disable-fds=pipes --disable-fds=testfile \ --disable-fds=sockets --disable-fds=perf \ --disable-fds=epoll --disable-fds=eventfd \ --disable-fds=drm# systemctl status docker <hang...>task kworker/45:4:146035 blocked for more than 120 seconds."cgroup is trying to offline a cpuset css, which takes place under cgroup_mutex. The offlining ends up trying to drain active usages of a sysctl table which apparently is not happening."There isno fix at this time as far as I can tell.Use CVE-2016-9191.
Fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93362fa47fe98b62e4a34ab408c4a418432e7939 Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa v3.11-rc1...v4.10-rc4 Andreas -- Andreas Stieger <astieger () suse com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
Current thread:
- Re: Re: CVE request: linux kernel - local DoS with cgroup offline code Andreas Stieger (Jan 27)