SRU request for LP#137978 (6.0.6 LTS)

Colin Ian King colin.king at canonical.com
Wed Sep 3 16:48:44 UTC 2008


https://bugs.launchpad.net/ubuntu/+bug/137978

SRU Justification:

Impact: Running wine applications from a FAT filesystem causes the wine
process to get stuck in a kernel "D" state and cannot be killed. This
prevents a user from unmounting the FAT filesystem.

Fix: Replace a typo in fat_ioctl_readdir() introduced during
CVE-2007-2878, where the second semaphore down() should in fact be an
up().

Testcase: Without the patch one can trip the bug by:

1. Mount any FAT filesystem
2. Copy some file.exe file to it.
3. Run: wine /media/fattest/file.exe
4. Wine hangs and cannot be killed.

With the patch, this works. This has been tested by myself on a cleanly
installed 6.0.6 LTS i386 Desktop version inside VirtualBox, see note:

https://bugs.launchpad.net/ubuntu/+bug/137978/comments/11

Patch attached.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-UBUNTU-fs-fix-semaphore-bug-introduced-by-CVE-2007.patch
Type: application/mbox
Size: 983 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20080903/0320f049/attachment.mbox>


More information about the kernel-team mailing list