Linux kernel 2.6.38: crash related to O_DIRECT

2011-09-06 / 2011-09-07
Credit: Ben Greear
Risk: Low
Local: Yes
Remote: No
CWE: CWE-Other


CVSS Base Score: 4.7/10
Impact Subscore: 6.9/10
Exploitability Subscore: 3.4/10
Exploit range: Local
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

On 04/05/2011 04:38 PM, Jeff Layton wrote:
> On Tue, 05 Apr 2011 16:34:17 -0700
> Ben Greear<greearb@candelatech.com> wrote:
>
>> On 04/05/2011 04:26 PM, Jeff Layton wrote:
>>
>>> Does the attached patch fix it? It's probably stable material if so...
>>
>> I'll test your patch. I verified that cifs_file is NULL in cifsFileInfo_put
>> and protecting against that also solves the problem.
>>
>
> I'd probably prefer the patch I'm suggesting. I worry that turning
> cifsFileInfo_put into a no-op for NULL pointers might paper over future
> bugs.

Fine by me. Your patch appears to work fine, though I had to apply it
manually with patch, as 'git am' didn't understand its format.

I agree this should go to stable.

Tested-by: Ben Greear <greearb@candelatech.com>

>
>>>
>>> FWIW, cifs doesn't handle O_DIRECT at all.
>>
>> I know..and I warn my users when the open() call fails, but I still
>> let them attempt the file open. Seems a decent test case after all :)
>>
>
> Definitely. It's a cifs bug for sure, just pointing out that it
> probably isn't going to give you what you expect. As Steve points out
> forcedirectio might give you something closer to this, but proper
> O_DIRECT support is still on the to-do list.

I was using just 'directio'. On Fedora 13, there is no mention of
'forcedirectio' in the mount.cifs man page. Are they actually the same
thing, or is the man page just missing stuff?

Thanks,
Ben

References:

https://bugzilla.redhat.com/show_bug.cgi?id=703016
http://www.openwall.com/lists/oss-security/2011/05/09/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7797069305d13252fd66cf722aa8f2cbeb3c95cd
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://marc.info/?l=linux-cifs&m=130204730006155&w=2
http://marc.info/?l=linux-cifs&m=130204357001849&w=2

