RHEL 5 : gfs-kmod (RHSA-2010:0521)

Updated gfs-kmod packages that fix one security issue are now available for Red Hat Enterprise Linux 5.4 Extended Update Support, kernel release 2.6.18-164.19.1.el5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...

Scientific Linux Security Update : GFS on SL3.x i386/x86_64

A flaw was found in the gfslock implementation. The GFS locking code could skip the lock operation for files that have the SISGID bit set-group-ID on execution in their mode set. A local, unprivileged user on a system that has a GFS file system mounted could use this flaw to cause a kernel panic...

Moderate: Red Hat Security Advisory: gfs-kmod security update

Updated gfs-kmod packages that fix one security issue are now available for Red Hat Enterprise Linux 5.4 Extended Update Support, kernel release 2.6.18-164.19.1.el5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...

Mandriva Update for kernel MDVSA-2010:066 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDVSA-2010:066 kernel Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Moderate: Red Hat Security Advisory: GFS security and bug fix update

Updated GFS packages that fix one security issue are now available for Red Hat Enterprise Linux 3.9, kernel release 2.4.21-63.EL. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Linux GFS / GFS2 file system DoS

gfs2lock/gfslock doesn't check file permissions...

Linux Kernel gfs_lock函数本地拒绝服务漏洞

CVECAN ID: CVE-2010-0727 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的gfs2lock和gfslock函数没有正确地删除对setgid未设置group-execute权限文件的POSIX锁定，这允许本地用户通过在GFS或GFS2文件系统上锁定文件然后再更改该文件的权限导致系统崩溃。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://lkml.org/lkml/2010/3/11/269...

Code injection

The gfs2lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfslock function in the Linux kernel on Red Hat Enterprise Linux RHEL 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a...

CVE-2010-0727

CVE-2010-0727 affects the Linux kernel: the gfs2_lock (and on RHEL 5/6 gfs_lock) fails to properly remove POSIX locks on files that are setgid without group-execute permission. This allows a local attacker to trigger a denial of service or system crash by locking a file on a GFS or GFS2 filesyste...