LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: denial of service

Package(s):kernel CVE #(s):CVE-2009-1961
Created:June 8, 2009 Updated:July 29, 2009
Description:

From the National Vulnerability Database entry:

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.

Alerts:
Debian DSA-1844-1 2009-07-28
SuSE SUSE-SA:2009:038 2009-07-23
Red Hat RHSA-2009:1157-01 2009-07-14
Mandriva MDVSA-2009:148 2009-07-07
Ubuntu USN-793-1 2009-07-02
Mandriva MDVSA-2009:135 2009-06-17
SuSE SUSE-SA:2009:031 2009-06-09
SuSE SUSE-SA:2009:030 2009-06-08
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds