| Summary: | Kernel : Huge Pages Memory Leak Denial of Service Vulnerability (CVE-2012-2390) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Kernel | Assignee: | Gentoo Kernel Security <security-kernel> |
| Status: | RESOLVED OBSOLETE | | |
| Severity: | normal | CC: | kernel |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Package list: | | Runtime testing required: | --- |

Description
Agostino Sarubbo
2012-11-01 17:33:18 UTC

It seems to me that I hit something related to this bug. I recently installed a new Gentoo system on my brand-new Lenovo S440 with 8G RAM. I used gentoo-sources-3.13-r1 as my kernel source. I compiled the kernel without genkernel as I usually do.

When I used QEMU-KVM I realized that after the VM is shut down and QEMU is quit there was still nearly the same amount of memory used as while it was running. Starting and stopping the VM several times results in a swapping system. Double checked that there were no processes left using the memory and found none. Then compiled kmemleak into the kernel but that revealed nothing again. Then deactivated some kernel features:

CONFIG_COMPACTION
CONFIG_BOUNCE
CONFIG_KSM
CONFIG_TRANSPARENT_HUGEPAGE
CONFIG_CLEANCACHE
CONFIG_FRONTSWAP
CONFIG_ZBUD

With the resulting kernel the problem was gone. Then I tried the original config (the one that seems to result in a leaking kernel) with vanilla-sources. The resulting kernel does not seem to have any problem at all. So I guess the problem must be somewhere in the Gentoo patchset. In fact I started a ticket at the kernel bugzilla, but closed it again after I realized that I don't have the problem with the vanilla-sources.

Sorry, I was too quick.... forgot to really load the new kernel. The problem is still there with the vanilla sources.

So, is there any proposed solution for this? Currently I try only deactivating CONFIG_TRANSPARENT_HUGEPAGE and CONFIG_COMPACTION and see if that helps.

There are no longer any 2.x or <3.4.2 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.