CVE-2009-1961

Common Vulnerabilities and Exposures

Upstream information

CVE-2009-1961 at MITRE

Description

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.

NVD CVSS v2 Base Score: 1.9 (AV:L/AC:M/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Novell Bugzilla entry: 495065

SUSE Security Advisories:

SUSE-SA:2009:030, published Mon, 08 Jun 2009 18:00:00 +0000
SUSE-SA:2009:031, published Mon, 09 Jun 2009 09:00:00 +0000
SUSE-SA:2009:038, published Thu, 23 Jul 2009 14:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.25_0.1-2.1.12` `cluster-network-kmp-xen >= 1.4_2.6.27.25_0.1-2.1.12` `ocfs2-kmp-default >= 1.4_2.6.27.25_0.1-4.1.12` `ocfs2-kmp-xen >= 1.4_2.6.27.25_0.1-4.1.12`	sle11-sdk.x86-64 sle11-hae.x86-64 sle11-debuginfo.x86-64 sles11.x86-64 sled11.x86-64 SAT Patch Nr: 1087
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.25_0.1-2.1.12` `ocfs2-kmp-default >= 1.4_2.6.27.25_0.1-4.1.12`	sle11-hae.ia64 sles11.ia64 sle11-debuginfo.ia64 SAT Patch Nr: 1078
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.25_0.1-2.1.12` `ocfs2-kmp-default >= 1.4_2.6.27.25_0.1-4.1.12`	sle11-hae.s390x sles11.s390x sle11-debuginfo.s390x SAT Patch Nr: 1079
openSUSE 10.3	`kernel-bigsmp >= 2.6.22.19-0.3` `kernel-debug >= 2.6.22.19-0.3` `kernel-default >= 2.6.22.19-0.3` `kernel-kdump >= 2.6.22.19-0.3` `kernel-ppc64 >= 2.6.22.19-0.3` `kernel-source >= 2.6.22.19-0.3` `kernel-syms >= 2.6.22.19-0.3` `kernel-xen >= 2.6.22.19-0.3` `kernel-xenpae >= 2.6.22.19-0.3`
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.25_0.1-2.1.12` `cluster-network-kmp-ppc64 >= 1.4_2.6.27.25_0.1-2.1.12` `ocfs2-kmp-default >= 1.4_2.6.27.25_0.1-4.1.12` `ocfs2-kmp-ppc64 >= 1.4_2.6.27.25_0.1-4.1.12`	sle11-hae.ppc sle11-debuginfo.ppc sles11.ppc SAT Patch Nr: 1080
SUSE Linux Enterprise High Availability Extension 11	`cluster-network-kmp-default >= 1.4_2.6.27.25_0.1-2.1.12` `cluster-network-kmp-pae >= 1.4_2.6.27.25_0.1-2.1.12` `cluster-network-kmp-xen >= 1.4_2.6.27.25_0.1-2.1.12` `ocfs2-kmp-default >= 1.4_2.6.27.25_0.1-4.1.12` `ocfs2-kmp-pae >= 1.4_2.6.27.25_0.1-4.1.12` `ocfs2-kmp-xen >= 1.4_2.6.27.25_0.1-4.1.12`	sled11.x86 sle11-hae.x86 sle11-debuginfo.x86 sle11-sdk.x86 sles11.x86 SAT Patch Nr: 1086

List of products where fixes are in QA

SUSE Linux Enterprise High Availability Extension 11

Markets

Products By Category

Novell

NetIQ (Moving soon to NetIQ.com)

A-Z

Contribute