| Field | Value |
|---|---|
| Summary | CVE-2020-10781 kernel: zram sysfs resource consumption |
| Product | [Other] Security Response |
| Reporter | Wade Mealing <wmealing> |
| Component | vulnerability |
| Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA |
| Severity | low |
| Priority | low |
| Version | unspecified |
| CC | acaringi, airlied, bhu, blc, bmasney, brdeoliv, bskeggs, dhoward, dvlasenk, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jlelli, john.j5live, jonathan, josef, jross, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, mchehab, mcressma, mjg59, mlangsdo, nmurray, ptalbert, qzhao, rt-maint, rvrbovsk, steved, williams |
| Target Milestone | --- |
| Keywords | Security |
| Target Release | --- |
| Hardware | All |
| OS | Linux |
| Fixed In Version | Linux kernel 5.8-rc6 |
| Doc Type | If docs needed, set a value |
| Doc Text | A flaw was found in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory that is not accounted to the user who triggers the creation of that ZRAM device. With this vulnerability, continually reading the file may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable. |
| Story Points | --- |
| Last Closed | 2021-11-08 01:19:40 UTC |
| Type | --- |
| Regression | --- |
| Mount Type | --- |
| Documentation | --- |
| Category | --- |
| oVirt Team | --- |
| Cloudforms Team | --- |
| Bug Depends On | 1848258, 1848259, 1848260, 1848261, 1848262, 1850165 |
| Bug Blocks | 1847650 |
Description
Wade Mealing
2020-06-17 07:37:58 UTC

Created attachment 1697754 [details]
Initial patch to change permissions on the file.
Initial patch, not accepted upstream yet.

Mitigation: Changing permissions on the files within /sys will prevent regular users from being able to trigger this issue; however, permissions changed within /sys do not persist between reboots and will need to be reapplied after each boot.

Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1848259]

Acknowledgments:
Name: Luca Bruno (Red Hat)

Statement: This flaw is rated as having Low impact because it is a denial of service only and requires the ZRAM kernel module to be loaded, which is not the default, and loading kernel modules is a privileged operation.

External References:
https://www.openwall.com/lists/oss-security/2020/06/18/1
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=853eab68afc80f59f36bbdeb715e5c88c501e680

This was fixed for Fedora with the 5.7.10 stable kernel updates.
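The sysfs permission change described as the mitigation above, written out as a small POSIX shell helper with a matching check. This is an added example, not the attached patch or any code from the bug report: it assumes the attribute path /sys/class/zram-control/hot_add named in the Doc Text, takes the path as an optional argument so it can be exercised against an ordinary file, and uses GNU `stat -c '%a'` to read back the octal mode.

```shell
#!/bin/sh
# Added example (not from the bug report or its attached patch).
# Restricts read access to the zram hot_add sysfs attribute so that
# unprivileged local users can no longer trigger zram device creation
# by reading it. The default path is an assumption taken from the
# Doc Text; pass another path to test the helpers on a regular file.

# Set the attribute to owner-only read/write (0600) and print the
# resulting mode. Returns 1 if the path is absent (zram not loaded)
# or the chmod fails.
restrict_hot_add() {
    path="${1:-/sys/class/zram-control/hot_add}"
    if [ ! -e "$path" ]; then
        echo "absent: $path (zram module not loaded?)" >&2
        return 1
    fi
    chmod 0600 "$path" || return 1
    stat -c '%a' "$path"
}

# Check helper: succeeds only if the "other" class has no read bit,
# i.e. regular users cannot read the attribute. Returns 1 when the
# path is absent so an absent file never reads as "restricted".
hot_add_is_restricted() {
    path="${1:-/sys/class/zram-control/hot_add}"
    [ -e "$path" ] || return 1
    mode=$(stat -c '%a' "$path")
    other=$(( mode % 10 ))        # last octal digit: permissions for "other"
    [ $(( other & 4 )) -eq 0 ]    # 4 is the read bit
}

# Typical use on a live system (needs root):
#   restrict_hot_add && hot_add_is_restricted && echo "hot_add restricted"
```

Because sysfs attributes are recreated on every boot (and whenever the zram module is reloaded), the report's note applies: the change has to be reapplied each time, for example from a boot-time script or a udev rule that runs `restrict_hot_add` once the zram-control class appears; that scheduling mechanism is a suggestion here, not something the report specifies. The permanent fix is the upstream commit linked under External References.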