Bug 1551565 (CVE-2017-18208)

Summary: CVE-2017-18208 kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service
Product: [Other] Security Response Reporter: Adam Mariš <amaris>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: airlied, ajax, aquini, bhu, blc, bskeggs, dhoward, ewk, fhrbata, hdegoede, hkrzesin, hwkernel-mgr, iboverma, ichavero, itamar, jarodwilson, jforbes, jglisse, jkacur, john.j5live, jonathan, josef, jross, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, linville, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, plougher, rt-maint, rvrbovsk, skozina, slawomir, steved, williams, wmealing
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: kernel 4.15 Doc Type: If docs needed, set a value
Doc Text:
The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-08 03:42:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1551566, 1552458, 1552459, 1552460, 1552461, 1552462, 1552463, 1552464, 1552981, 1552982, 1552983, 1552984, 1740225, 1740226    
Bug Blocks: 1551570    

Description Adam Mariš 2018-03-05 12:29:32 UTC 
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.

Upstream patch:

https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91
Comment 3 Wade Mealing 2018-03-07 07:41:10 UTC 
External References:

https://www.kernel.org/doc/Documentation/filesystems/dax.txt
https://lwn.net/Articles/618064/
Comment 7 errata-xmlrpc 2018-10-30 07:31:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083
Comment 8 errata-xmlrpc 2018-10-30 07:37:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096
Comment 9 errata-xmlrpc 2018-10-30 08:58:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948
Comment 11 errata-xmlrpc 2019-11-26 11:52:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.5 Extended Update Support

Via RHSA-2019:3967 https://access.redhat.com/errata/RHSA-2019:3967
Comment 12 errata-xmlrpc 2019-12-03 08:06:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise MRG 2

Via RHSA-2019:4057 https://access.redhat.com/errata/RHSA-2019:4057
Comment 13 errata-xmlrpc 2019-12-03 08:25:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2019:4058 https://access.redhat.com/errata/RHSA-2019:4058