Bug 125438

Summary: Kernel: Local DoS - normal user can panic NFS client with direct I/O (CVE-2006-0555)
Product: Gentoo Security
Reporter: RumpletonBongworth <kfm>
Component: Kernel
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: gimli, gmsoft, kang, kumba, marineam, security-kernel
Priority: High
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.15.y.git;a=commit;h=93e3d00a9f0158e522cada1088233fad23247882
Whiteboard: [linux <2.6.15.5]
Package list:
Runtime testing required: ---
Attachments:
Description Flags
nfs-client-directio-panic-with-compile-fix.patch none

Description RumpletonBongworth 2006-03-07 20:39:21 UTC
According to the commit "this is CVE-2006-0555 and SGI bug 946529.  A normal user can panic an NFS client and cause a local DoS with 'judicious'(?) use of O_DIRECT." The following kernels and patchsets are unaffected:

  * >=vanilla-sources-2.6.15.5 (compile fix also in 2.6.15.6)
  * >=gentoo-sources-2.6.15-r6
  * >=genpatches-2.6.15-9

Patch here: http://tinyurl.com/hjmug. However, upstream messed it up - a compile fix was subsequently applied on top of the original fix. The incremental patch is here: http://tinyurl.com/runj5.
Comment 1 RumpletonBongworth 2006-03-07 20:40:21 UTC
Also, gentoo-sources-2.6.15-r7 and genpatches-2.6.15-10 contain the additional compile fix.
Comment 2 RumpletonBongworth 2006-03-07 20:44:19 UTC
Created attachment 81666 [details, diff]
nfs-client-directio-panic-with-compile-fix.patch

Rolled-up patch. Also applies to 2.6.14.
Comment 3 Tim Yamin (RETIRED) gentoo-dev 2006-03-11 11:58:55 UTC
CCing maintainers:

ck-sources: marineam
hardened-sources: hardened herd
hppa-sources: gmsoft
mips-sources: `Kumba
rsbac-sources: kang
suspend2-sources: brix
xbox-sources: gimli
Comment 4 Henrik Brix Andersen 2006-03-11 12:06:25 UTC
Already fixed in suspend2-sources-2.6.15-r7.
Comment 5 Micheal Marineau (RETIRED) gentoo-dev 2006-03-14 12:53:45 UTC
ck fixed since ck-sources-2.6.15_p5
Comment 6 RumpletonBongworth 2006-03-16 04:34:14 UTC
Now fixed in:

  * genpatches-2.6.14-11
  * hardened-sources-2.6.14-r6
Comment 7 Tim Yamin (RETIRED) gentoo-dev 2006-05-18 13:40:03 UTC
All resolved, closing...