Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2004-0554: user-triggerable local DoS against all 2.4 and 2.6 series kernels on i386 (maybe x86_64 too) | | |
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Carl-Daniel Hailfinger <cadaha> |
| Component: | Incidents | Assignee: | Thomas Biege <thomas> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Blocker | | |
| Priority: | P3 - Medium | CC: | security-team |
| Version: | unspecified | | |
| Target Milestone: | --- | | |
| Hardware: | i386 | | |
| OS: | Linux | | |
| Whiteboard: | CVE-2004-0554: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P) | | |
| Found By: | --- | Services Priority: | |
| Business Priority: | | Blocker: | --- |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: | x86 fpu crash.c, compile, run and see the lockup; proposed patch; Simpler official mainline fix; Fix for 2.4 based kernels | | |
Description
Carl-Daniel Hailfinger
2004-06-12 22:18:37 UTC
Run the attached program.

Created attachment 21095: x86 fpu crash.c, compile, run and see the lockup
Oh, and the patch in the "small writeup" seems not to work for some people. The correct fix will be to handle the exception from the kernel correctly. The fwait cannot be just removed imho.

Created attachment 21098: proposed patch

This patch fixes it.
But for SLES9 it's probably better to use a version of this that doesn't cause oopses for kernel exceptions. They are most likely bugs, but it's too late now to handle such latent bugs.

After some thought the simpler fwait->fnclex patch from l-k is probably better.

Created attachment 21103: Simpler official mainline fix

That patch will go into mainline, it's simpler than mine.
Patch checked in for SLES9.

-------------------------------------------------------------------
Mon Jun 14 01:00:45 CEST 2004 - ak@suse.de
- Fix kernel hang with uncleared FPU exceptions on i386/x86-64 (#41951)

Reassigning to Hubert and retargeting to SLES8 so that he can handle it for all other maintained trees. Heise just made a big announcement about the bug: http://www.heise.de/newsticker/meldung/48236

Created attachment 21181: Fix for 2.4 based kernels
In 2.4, things are slightly different. I'm going to apply this patch to all 2.4
based trees. Please have a short look and complain if I messed things up.
Looks good.

Fix has been added to every maintained tree and kernels have been submitted for check in. I don't know if we want to wait for the fixes for the other pending problems or if we need to provide fixed kernels immediately due to the severity of this issue. At least we now have the option of releasing kernels soon.

CAN-2004-0554

BTW I should add that long term we may want a different fix for this (similar to my original fix, but not exactly the same). It seems fnclex is extremely slow on P4 boxes and this is a hot path.

All packages approved. Advisory goes out in a few minutes.