Project

General

Profile

Actions

Bug #14424

closed

tmpfs can be induced to deadlock

Added by Dan McDonald 4 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Immediate
Assignee:
Category:
kernel
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Hard
Tags:
Gerrit CR:

Description

Security researcher Hans Christian Woithe reported CVE-2021-43395 to both us and Oracle. He discovered conditions where any arbitrary user could induce tmpfs to panic with deadlock-detection. This bug tracks our fix for this problem.

Tested using Hans's PoC, which now does not induce a panic. Tested on OmniOS both bare-metal (by Andy Fiddaman) and VM (by Dan McD.). Tested on SmartOS bare-metal (by Dan McD.).

Actions #1

Updated by Electric Monk 4 months ago

  • Status changed from New to Closed
  • % Done changed from 90 to 100

git commit f859e7171bb5db34321e45585839c6c3200ebb90

commit  f859e7171bb5db34321e45585839c6c3200ebb90
Author: Dan McDonald <danmcd@joyent.com>
Date:   2022-01-18T17:11:37.000Z

    14424 tmpfs can be induced to deadlock
    Reviewed by: Robert Mustacchi <rm@fingolfin.org>
    Reviewed by: Andy Fiddaman <andy@omnios.org>
    Reviewed by: Mike Zeller <mike.zeller@joyent.com>
    Approved by: Robert Mustacchi <rm@fingolfin.org>

Actions

Also available in: Atom PDF