Summary: | Kernel: Coverity found missing spin lock checks (GENERIC-MAP-NOMATCH) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Kernel | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | chrb, gimli, kang, kumba, marineam, security-kernel |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | [linux <2.6.15] [genpatches <2.6.14-8] | ||
Package list: | Runtime testing required: | --- |
Looks like those were all fixed in the past, so maybe this one can be closed : > > net/rose/rose_route.c rose_route_frame, line 998 > > returns without unlocking rose_node_list_lock, rose_neigh_list_lock, or > > rose_route_list_lock > > [Yes, possible remote DoS but looks as if it can't happen in real life] http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=dc16aaf29d64b8c5e0b88f49a4d541edf5b61e42 http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=c1cc168442a943ed3997f6543db87c061987f9d7 > > net/rose/rose_timer.c rose_heartbeat_expiry, line 141 > > rose_destroy_socket does not unlock sk as far as i can see > > [Unsure - DaveM ?] http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a3d7a9d77533d7516a8cfb8e2b612cd5ead4fa59;hp=6b7d31fcdda5938e5d3f1f8b0922cc25aa200dfc > > drivers/net/irda/donauboe.c toshoboe_net_ioctl, search for EPERM > > returns without unlocking self->lock > > [Yes, local DoS if the hardware is present] > http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ac7c98eca88a854755475fcfe1b2bf5f97f90d99;hp=b3f9b92a6ec1a9a5e4b4b36e484f2f62cc73277c rose_route: Fixed in 2.6.13 rose_timer: 2.6.15_rc1 IrDA issue: 2.6.15_rc1 Adding maintainers: ck-sources: marineam gentoo-sources: dsd hardened-sources: hardened herd -- johnm is away hppa-sources: GMSoft mips-sources: Kumba rsbac-sources: kang sh-sources: sh herd suspend2-sources: brix usermode-sources: dsd (needs new genpatches?) xbox-sources: chrb genpatches 2.6.14-8 fixes this, should be simple to update hardened,sh,gentoo,usermode,ck,suspend2 ck-sources fixed Fixed in sys-kernel/suspend2-sources-2.6.14-r10. Fixed on hppa in hppa-sources-2.6.15_p1. Fixed in hardened-sources-2.6.14-r4. gentoo and usermode are at 2.6.15 All fixed, resolving bug. |
From Vendor-Sec. > > -------- Forwarded Message -------- > > > Oddi wrth: Ted Unangst <tedu@coverity.com> > > > I: linux-kernel@vger.kernel.org > > > Pwnc: some missing spin_unlocks > > > Dyddiad: Mon, 22 Aug 2005 15:26:47 -0700 > > > > > > I think these are all real bugs. > > > > > > sound/synth/emux/emux_synth.c snd_emux_note_on, line 101 > > > snd_assert will return without unlocking emu->voice_lock (line 89) > > > > ['Can't happen' error path only - but a fine example of why snd_assert > > should be killed off] > > > > > sound/pci/au88x0/au88x0_core.c vortex_adb_allocroute, search for EBUSY > > > returns without unlocking vortex->lock > > > > [Not apparently present in 13r6] > > > > > net/rose/rose_route.c rose_route_frame, line 998 > > > returns without unlocking rose_node_list_lock, rose_neigh_list_lock, or > > > rose_route_list_lock > > > > [Yes, possible remote DoS but looks as if it can't happen in real life] > > > > > net/rose/rose_timer.c rose_heartbeat_expiry, line 141 > > > rose_destroy_socket does not unlock sk as far as i can see > > > > [Unsure - DaveM ?] > > > > > drivers/net/irda/donauboe.c toshoboe_net_ioctl, search for EPERM > > > returns without unlocking self->lock > > > > [Yes, local DoS if the hardware is present] > >