Description of problem: Date: Wed, 28 Mar 2007 09:53:31 -0500 From: Jim Rees <rees> To: Steve Dickson <steved> We have recently found a remote denial of service attack against Redhat nfs servers running the 2.6.9-42 kernel. The attack can be carried out by any client with read access to the nfs server, and results in corruption to the ext3 journal on the server. The server usually requires a manual fsck to recover. I have attached a pcap trace of the attack, which uses a specially crafted file handle. Only a lookup and readdir operation are required. The attack is in frames 53-57 of the trace. I have also attached a patch that prevents this attack. This patch is in the upstream kernel sources, but as far as I know has not been merged in to the Redhat kernel source. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 151144 [details] Upstreamp patch
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
*** This bug has been marked as a duplicate of 199172 ***