Bugzilla – Full Text Bug Listing
| Summary: | VUL-0: CVE-2005-3106: kernel: local dos with CLONE_VM threads and core dumping | | |
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Marcus Meissner <meissner> |
| Component: | Incidents | Assignee: | Gerd Hoffmann <kraxel> |
| Status: | RESOLVED WONTFIX | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | | |
| Priority: | P5 - None | CC: | security-team |
| Version: | unspecified | | |
| Target Milestone: | --- | | |
| Hardware: | Other | | |
| OS: | Other | | |
| Whiteboard: | CVE-2005-3106: CVSS v2 Base Score: 1.2 (AV:L/AC:H/Au:N/C:N/I:N/A:P) | | |
| Found By: | Other | Services Priority: | |
| Business Priority: | | Blocker: | --- |
| Marketing QA Status: | --- | IT Deployment: | --- |
Description
Marcus Meissner
2005-11-08 16:02:12 UTC
Not sure if it affects us at all, have to cross check.

Chris, can you assign this to someone in your team please?

Gerd, please take this one as well.

Pretty much the same low impact as bug #132731, i.e. the deadlock affects the threaded task only, not the whole system. Backport looks trivial though, the fix likely applies as-is to sles9. Also made it into 2.6.11 mainline. What to do?

This lonely up() confuses me a bit. But I think it is as minor an issue as bug #132731, so let's lay it at rest.

The patch adds a matching down() in the other (completely new) "if (old_mm)" block. With the patch added, the code between the first and second patch chunk runs with a read lock on old_mm->mmap_sem, which closes the race window.

CVE-2005-3106: CVSS v2 Base Score: 1.2 (AV:L/AC:H/Au:N/C:N/I:N/A:P)