[v2.6] kernel: fs: deadlock due to incorrect usage of rename_lock (CVE-2014-8559)
Linux kernel built with Virtual File System (VFS) support is vulnerable to a deadlock condition. It occurs due to incorrect usage of file system locks. The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
References:
http://seclists.org/oss-sec/2014/q4/476
•MLIST:[linux-kernel] 20141025 fs: lockup on rename_mutex in
fs/dcache.c:1035
•URL: https://lkml.org/lkml/2014/10/25/171
•MLIST:[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in
fs/dcache.c:1035
•URL: https://lkml.org/lkml/2014/10/26/128
•MLIST:[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in
fs/dcache.c:1035
•URL: https://lkml.org/lkml/2014/10/25/179
•MLIST:[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in
fs/dcache.c:1035
•URL: https://lkml.org/lkml/2014/10/25/180
•MLIST:[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in
fs/dcache.c:1035
•URL: https://lkml.org/lkml/2014/10/26/101
•MLIST:[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in
fs/dcache.c:1035
•URL: https://lkml.org/lkml/2014/10/26/116
•MLIST:[linux-kernel] 20141026 Re: fs: lockup on rename_mutex in
fs/dcache.c:1035
•URL: https://lkml.org/lkml/2014/10/26/129
•MLIST:[oss-security] 20141030 CVE-2014-8559 - Linux kernel
fs/dcache.c incorrect use of rename_lock
•URL: http://www.openwall.com/lists/oss-security/2014/10/30/7
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1159313
(from redmine: issue id 3588, created on 2014-11-27, closed on 2017-09-05)
- Relations:
- parent #3587