Red Hat Bugzilla – Bug 167696
CVE-2005-2800 SCSI proc DoS
Last modified: 2007-11-30 17:07:20 EST
"Memory leak in the seq_file implemenetation in the SCSI procfs interface (sg.c)
in Linux kernel 2.6.13 and earlier allows local users to cause a denial of
service (memory consumption) via certain repeated reads from the
/proc/scsi/sg/devices file, which is not properly handled when the next()
iterator returns NULL or an error."
Fix: Upstream at
Fix is being tested now.
Fix passed my testing, submitted internally for inclusion.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.