Bug 889060 - (CVE-2014-5045) VUL-0: CVE-2014-5045: kernel-source: vfs: refcount issues during unmount on symlink
VUL-0: CVE-2014-5045: kernel-source: vfs: refcount issues during unmount on s...
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P3 - Medium : Normal
: ---
Assigned To: E-mail List
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2014-07-25 15:19 UTC by Victor Pereira
Modified: 2016-04-27 19:11 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

backport got SLE12 (1.36 KB, patch)
2014-07-28 08:16 UTC, Michal Hocko
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2014-07-25 15:19:57 UTC

A flaw was found in the way reference counting was handled in the Linux kernel's
VFS subsystem when unmount on symlink was performed.

https://lkml.org/lkml/2014/7/21/98 (proposed patch)
Comment 2 Swamp Workflow Management 2014-07-25 22:00:13 UTC
bugbot adjusting priority
Comment 3 Michal Hocko 2014-07-28 08:15:34 UTC
The fix is public 295dc39d941d (fs: umount on symlink leaks mnt count).

It seems that the issue has been introduced by 8033426e6bdb2 (vfs: allow umount to handle mountpoints without revalidating them) in 3.12 which would mean that only SLE12 is affected. Miklos, could you double check please?

The backport seems trivial. I will attach it here in the next comment.
Comment 4 Michal Hocko 2014-07-28 08:16:09 UTC
Created attachment 600026 [details]
backport got SLE12
Comment 6 Michal Hocko 2014-07-28 12:20:08 UTC
pushed to SLE12 branch.
Comment 8 Jeff Mahoney 2014-07-29 17:51:03 UTC
*** Bug 887713 has been marked as a duplicate of this bug. ***
Comment 9 Michal Marek 2014-08-15 13:48:41 UTC
Miklos, please confirm that the bug only affects SLE12 and close the bug in such case.
Comment 10 Miklos Szeredi 2014-08-18 09:43:50 UTC
Bug was introduced inv 3.12-rc1 by 

8033426e6bdb  vfs: allow umount to handle mountpoints without revalidating them

So only kernels 3.12 - .16 are affected.
Comment 11 Marcus Meissner 2014-10-01 12:31:27 UTC
okay, thanks!