The XFS subsystem in the Linux kernel 4.4 and later allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the 'trinity' program, as a result of a page lock order bug in the XFS seek hole/data implementation.
Per the reporter, the 'trinity' program should be run in a container on an XFS filesystem as storage, for example with 'docker' with 'overlay2' or 'devicemapper' with an LVM thin pool as the storage engine.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1384852]
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2 as the code with the flaw is not present in the products listed.
Any idea if this issue has been fixed upstream? If so where?
Unfortunately, we are not aware of such a fix.
I've searched upstream's git-log for something like "Fixes: fc0561ce" or "CVE-2016-8660" but unfortunately/expectedly have not found anything.
> This had also been reported to the XFS maintainer and diagnosed as
> a page lock order bug in the XFS seek hole/data implementation and
> presumably is still working on a fix better than to revert the above commit.
So I guess this thread is a proper place to check. Unfortunately, I cannot find any message mentioning "fc0561cef" in linux-xfs@.
(God bless marc.info) The thread in question is: