Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <460603542.1004501282246464479.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com>
Date: Thu, 19 Aug 2010 15:34:24 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request - kernel: xfs: stale data exposure

Please use CVE-2010-2943

Thanks.

-- 
    JB


----- "Eugene Teo" <eugene@...hat.com> wrote:

> An issue was found in the XFS filehandle conversion where inodes that
> 
> are deleted may return as valid files as XFS does not verify the inode
> 
> numbers in the file handles, i.e. allowing access to deleted data.
> 
> The test program that demonstrates the issue via the open_by_handle 
> interface can be found here: 
> http://oss.sgi.com/archives/xfs/2010-06/msg00191.html.
> 
> [PATCH 1/4] xfs: always use iget in bulkstat
> http://article.gmane.org/gmane.comp.file-systems.xfs.general/33770
> 
> [PATCH 2/4] xfs: validate untrusted inode numbers during lookup
> http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771
> 
> This following patch is needed too to address a regression introduced
> by 
> the patches above:
> http://oss.sgi.com/archives/xfs/2010-08/msg00179.html.
> 
> Reference:
> https://bugzilla.redhat.com/show_bug.cgi?id=624923
> 
> Thanks, Eugene
> -- 
> main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i);
> }

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.