Bug 1832543 (CVE-2020-12655)
Summary: | CVE-2020-12655 kernel: sync of excessive duration via an XFS v5 image with crafted metadata | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | acaringi, airlied, bhu, blc, bmasney, brdeoliv, bskeggs, dhoward, dvlasenk, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jlelli, john.j5live, jonathan, josef, jross, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, kyoshida, labbott, lgoncalv, linville, masami256, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, ptalbert, qzhao, rt-maint, rvrbovsk, steved, williams, wmealing |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was discovered in the XFS source in the Linux kernel. This flaw allows an attacker with the ability to mount an XFS filesystem, to trigger a denial of service while attempting to sync a file located on an XFS v5 image with crafted metadata.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-08-25 19:17:46 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1832545, 1837191, 1837192, 1837193, 1837194, 1837195 | ||
Bug Blocks: | 1832546 |
Description
Guilherme de Almeida Suckevicz
2020-05-06 19:41:04 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1832545] Mitigation: This flaw requires an attacker being able to have the system mount a crafted filesystem. If the xfs filesystem is not in use, the 'xfs' kernel module can be blacklisted and the module will not be loaded when the filesystem is mounted, mounting will fail. However, if this filesystem is in use, this workaround will not be suitable. To find out how to blacklist the "xfs" kernel module please see https://access.redhat.com/solutions/41278 or contact Red hat Global Support services Statement: This issue is rated as having Low impact because of the preconditions needed to trigger it (administrative account or physical access). This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:3545 https://access.redhat.com/errata/RHSA-2020:3545 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-12655 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4431 https://access.redhat.com/errata/RHSA-2020:4431 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4609 https://access.redhat.com/errata/RHSA-2020:4609 |