Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 273922 (CVE-2009-1961) - Kernel: <2.6.30-rc3 fs/ocfs2/file.c DOS (CVE-2009-1961)
Summary: Kernel: <2.6.30-rc3 fs/ocfs2/file.c DOS (CVE-2009-1961)
Status: RESOLVED FIXED
Alias: CVE-2009-1961
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://git.kernel.org/?p=linux/kernel...
Whiteboard: [linux >=2.6.19 <2.6.27] [linux >=2.6...
Keywords:
Depends on:
Blocks:
 
Reported: 2009-06-12 21:12 UTC by Stefan Behte (RETIRED)
Modified: 2013-09-05 03:17 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-06-12 21:12:28 UTC 
CVE-2009-1961 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1961):
  The inode double locking code in fs/ocfs2/file.c in the Linux kernel
  2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before
  2.6.29.4, and possibly other versions down to 2.6.19 allows local
  users to cause a denial of service (prevention of file creation and
  removal) via a series of splice system calls that trigger a deadlock
  between the generic_file_splice_write, splice_from_pipe, and
  ocfs2_file_splice_write functions.