blob: f8fb919f88079867763979bc1ab87a557455dc07 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Description: fs/namespace.c: fix mountpoint reference counter race
References:
https://www.openwall.com/lists/oss-security/2020/05/04/2
Notes:
carnil> According to the commit message this race condition between
carnil> threads updating mountpoint reference counter affects longterm
carnil> releases 4.4.220, 4.9.220, 4.14.177 and 4.19.118. and got fixed
carnil> in 4.4.221, 4.9.221, 4.14.178 and 4.19.119. This was fixed
carnil> upstream along with 4edbe133f851 ("make struct mountpoint bear
carnil> the dentry reference to mountpoint, not struct mount") in
carnil> 5.3-rc1. Similar issue (but not covered by the CVE) is adressed
carnil> in b0d3869ce9ee ("propagate_one(): mnt_set_mountpoint() needs
carnil> mount_lock"). This was adressed as well in 4.4.221, 4.9.221,
carnil> 4.14.178 and 4.19.120. Additionally in 5.4.37 and 5.6.9.
Bugs:
upstream: released (5.3-rc1) [4edbe133f851c9e3a2f2a1db367e826b01e72594]
4.19-upstream-stable: released (4.19.119) [f511dc75d22e0c000fc70b54f670c2c17f5fba9a]
4.9-upstream-stable: released (4.9.221) [91e997939dda1a866f23ddfb043dcd4a3ff57524]
3.16-upstream-stable: released (3.16.84) [172f22d527862eb5aa9dd767826f5d68562943db]
sid: released (5.3.7-1)
4.19-buster-security: released (4.19.118-2+deb10u1) [bugfix/all/fs-namespace.c-fix-mountpoint-reference-counter-race.patch]
4.9-stretch-security: released (4.9.210-1+deb9u1) [bugfix/all/fs-namespace.c-fix-mountpoint-reference-counter-race.patch]
3.16-jessie-security: released (3.16.84-1)
|