Bug 1301581 - Back port of bz 1163891 required as rpc.mountd can be blocked by a bad client
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: nfs-utils
Version: 6.7
Hardware: x86_64
OS: Linux
Priority: urgent
Severity: urgent
Target Milestone: rc
: ---
Assignee: Steve Dickson
QA Contact: Yongcheng Yang
URL:
Whiteboard:
Duplicates: 1205573
Depends On:
Blocks: 1269194 1350702
Reported: 2016-01-25 12:43 UTC by Rinku
Modified: 2019-11-14 07:21 UTC

Fixed In Version: nfs-utils-1.2.3-71.el6
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1350702
Environment:
Last Closed: 2017-03-21 11:23:11 UTC
Target Upstream Version:

Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHBA-2017:0741 | 0 | normal | SHIPPED_LIVE | nfs-utils bug fix update | 2017-03-21 12:44:36 UTC

Comment 6 Yongcheng Yang 2016-04-19 02:23:39 UTC
*** Bug 1205573 has been marked as a duplicate of this bug. ***

Comment 11 Dave Wysochanski 2016-06-22 15:28:23 UTC
I'm not sure about a hotfix for this bug.  The first patch header states it is 'experimental'.  Are we sure these 3 patches won't have side-effects?  I have not reviewed the 3 patches carefully in detail.

Might be more appropriate for a Z-stream.  SteveD - what do you think - should these be safe or do we need some QE before releasing?

commit e4569a0961ff9f059b9ae71327d291cf95399597
Author: Bodo Stroesser <bstroesser.com>
Date:   Wed Nov 12 09:43:29 2014 -0500

    rpc.mountd: set libtirpc nonblocking mode to avoid DOS
    
    This patch is experimental. It works fine in that it removes the
    vulnerability against a DOS attack. rpc.mountd can be blocked by
    a bad client, that sends many RPC requests but never reads the
    responses. This might happen intentionally or caused by a wrong
    network config (MTU). The patch switches on the nonblocking
    mode of libtirpc. In that mode writes can block for a max of 2 seconds.
    Attackers are forced to send requests slower, as libtirpc will close
    a connection if it finds two requests to read at the same time.
    
    Reviewed-by: NeilBrown <neilb>
    Signed-off-by: Bodo Stroesser <bstroesser.com>
    Signed-off-by: Steve Dickson <steved>
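
The behaviour the commit message above describes, a reply write that gives up on a client that never reads instead of blocking the whole daemon, shown as an added example that is not part of this bug thread and is not libtirpc or nfs-utils code. `bounded_send` and `reply_to_stalled_client` are hypothetical names, the stalled client is a constructed local socketpair, and the 2000 ms budget in `main` mirrors the 2 seconds named in the commit message.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

static long now_ms(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/* Send len bytes on a nonblocking socket, spending at most budget_ms overall.
 * Returns 0 when everything was sent, -1 when the caller should drop the client. */
int bounded_send(int fd, const char *buf, size_t len, long budget_ms) {
    long deadline = now_ms() + budget_ms;
    while (len > 0) {
        ssize_t n = send(fd, buf, len, MSG_NOSIGNAL);
        if (n > 0) { buf += n; len -= (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        if (n < 0 && errno != EAGAIN && errno != EWOULDBLOCK) return -1;
        long left = deadline - now_ms();
        if (left <= 0) return -1;   /* peer is not draining: stop waiting for it */
        struct pollfd p = { .fd = fd, .events = POLLOUT };
        poll(&p, 1, (int)left);     /* sleep until writable or budget runs out */
    }
    return 0;
}

/* Constructed scenario: a local socketpair whose far end never reads.
 * Returns bounded_send()'s result; *elapsed_ms gets the time the server lost. */
int reply_to_stalled_client(size_t reply_len, long budget_ms, long *elapsed_ms) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -2;
    fcntl(sv[0], F_SETFL, fcntl(sv[0], F_GETFL) | O_NONBLOCK);
    char *reply = calloc(1, reply_len);
    if (!reply) { close(sv[0]); close(sv[1]); return -2; }
    long t0 = now_ms();
    int rc = bounded_send(sv[0], reply, reply_len, budget_ms);
    *elapsed_ms = now_ms() - t0;
    free(reply);
    close(sv[0]); close(sv[1]);
    return rc;
}

int main(void) { long ms; return reply_to_stalled_client(4u << 20, 2000, &ms) != -1; }
```

With a blocking socket the same reply would hold a single-threaded server until the peer reads; here the cost per stalled connection is capped at the budget and the connection is then closed by the caller.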

Comment 12 Steve Dickson 2016-06-27 11:27:54 UTC
(In reply to Dave Wysochanski from comment #11)
> I'm not sure about a hotfix for this bug.  The first patch header states it
> is 'experimental'.  Are we sure these 3 patches won't have side-effects?  I
> have not reviewed the 3 patches carefully in detail.
> 
> Might be more appropriate for a Z-stream.  SteveD - what do you think -
> should these be safe or do we need some QE before releasing?
> 
> commit e4569a0961ff9f059b9ae71327d291cf95399597
> Author: Bodo Stroesser <bstroesser.com>
> Date:   Wed Nov 12 09:43:29 2014 -0500
> 
>     rpc.mountd: set libtirpc nonblocking mode to avoid DOS
>     
It's been in place for a number of years and it's in RHEL 7
so I'm thinking the three are fairly stable.

I agree with going through the Z-stream process allowing 
QE to do some testing...

Comment 16 Yongcheng Yang 2016-11-01 07:19:52 UTC
Moving to VERIFIED according to test logs of Comment #15.

Also include this automatic case as regression test in the future.

Comment 18 errata-xmlrpc 2017-03-21 11:23:11 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0741.html
