[Xenial][SRU][CVE-2018-20784][PATCH 0/1] fix infinite loop
Tyler Hicks
tyhicks at canonical.com
Mon Sep 30 15:39:16 UTC 2019
On 2019-09-27 11:54:49, Connor Kuehl wrote:
> https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20784.html
>
> From the link above:
>
> "In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf
> cfs_rq's, which allows attackers to cause a denial of service (infinite
> loop in update_blocked_averages) or possibly have unspecified other impact
> by inducing a high load."
>
> Note, this fix reverts another patch that was specifically SRU'd in to
> Xenial: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1747896
Lets skip this one for SRU cycle 2019.09.30 since I think we need to
think a little more about reverting something that was specifically
SRU'ed.
Tyler
>
> In the hopes of avoiding a trade of 1 regression for another, I did a bit of an
> A/B test to see if I could experience any blatant issues.
>
> I booted Xenial in a 64 bit VM twice. The first time was without this
> CVE backport applied. The second time was with it applied. I ran the
> reproducer in both cases and experienced the same CPU utilization (both
> cores I allocated to my VM were at 100%) and in both cases I experienced
> stable memory pressure. They would both hover around 120MB +/- 3-5MB.
>
> The primary difference between the two runs was where I'd watch the
> cfs_rqs:
>
> WITHOUT the CVE backport: the cfs_rqs fluctuated between 13-18
>
> WITH the CVE backport: the cfs_rqs started around 65, then floated down
> to 61.
>
> If there are more tests that anyone would like to see performed before
> we settle on a decision for this backport, please let me know. I'm happy
> to do it.
>
> - Connor
>
> Linus Torvalds (1):
> sched/fair: Fix infinite loop in update_blocked_averages() by
> reverting a9e7f6544b9c
>
> kernel/sched/fair.c | 44 ++++++++++----------------------------------
> 1 file changed, 10 insertions(+), 34 deletions(-)
>
> --
> 2.17.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list