[SRU X/B/D/E/F 0/2] CVE-2020-12114
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu May 14 00:35:06 UTC 2020
>From CVE description:
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x
before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before
4.19.119, and 5.x before 5.3 allows local users to cause a denial of
service (panic) by corrupting a mountpoint reference counter.
Commit "fs/namespace.c: fix mountpoint reference counter race" was applied to
the stable series referenced above not coming from an upstream commit. That's
why it doesn't have an upstream commit.
I decided against prefixing the title with "UBUNTU: SAUCE:" because as this
might be applied to Xenial as coming from 4.4.x, it will not be prefixed as
such, and then we would have more than one title to match as a fix.
I tested pivot_root under mount namespaces and user namespaces, and smoke
tested lxd, snapd and docker as well.
Al Viro (1):
propagate_one(): mnt_set_mountpoint() needs mount_lock
Piotr Krysiuk (1):
fs/namespace.c: fix mountpoint reference counter race
fs/namespace.c | 2 +-
fs/pnode.c | 9 ++++-----
2 files changed, 5 insertions(+), 6 deletions(-)
--
2.20.1
More information about the kernel-team
mailing list