Ubuntu
linux-lts-backport-natty package

Comment 14 for bug 990368

Revision history for this message

Shachar Raindel (raindel) wrote on 2012-06-26: RE: [Bug 990368] Re: CVE-2012-2133

#14

Hi Andreia,

I think that your error is unrelated to this bug.
The bug is related to a control variable for hugetlbfs, confusingly named "quota". This variable has nothing to do with quota in NFS servers.

Good luck,
--Shachar

> -----Original Message-----
> From: <email address hidden> [mailto:<email address hidden>] On Behalf
> Of Andreia Pio da Silva
> Sent: Tuesday, June 26, 2012 5:26 PM
> To: Shachar Raindel
> Subject: [Bug 990368] Re: CVE-2012-2133
>
> hugepages: fix use after free bug in "quota" handling - LP: #990368 -
> CVE-2012-2133
>
> Hi,
>
> My NFS server is a ubuntu server 10.04.
>
> please, after the kernel update to version 2.6.32.41 I am with the
> following problem: I had the problem in NFS clients in the creation or
> editing of files for only a few accounts:
>
> fsync failed: Disk quota exceeded
>
> Is very strange happens only on some accounts.
>
> I emphasize that these accounts with this error message has sufficient
> quota on the server.
>
> Today I updated kernel to version 2.6.32.41.90 but the error remains.
>
> Have disabled the control of quotas on the server but can not take this as
> a solution. Any proposal that can solve this problem?
>
> Thanks,
> Andreia Pio da Silva
>
> --
> You received this bug notification because you are subscribed to a
> duplicate bug report (987107).
> https://bugs.launchpad.net/bugs/990368
>
> Title:
> CVE-2012-2133
>
> Status in “linux” package in Ubuntu:
> Invalid
> Status in “linux-armadaxp” package in Ubuntu:
> Fix Committed
> Status in “linux-ec2” package in Ubuntu:
> Invalid
> Status in “linux-fsl-imx51” package in Ubuntu:
> Invalid
> Status in “linux-lts-backport-maverick” package in Ubuntu:
> Invalid
> Status in “linux-lts-backport-natty” package in Ubuntu:
> Invalid
> Status in “linux-lts-backport-oneiric” package in Ubuntu:
> Invalid
> Status in “linux-mvl-dove” package in Ubuntu:
> Invalid
> Status in “linux-ti-omap4” package in Ubuntu:
> Fix Committed
> Status in “linux” source package in Lucid:
> Fix Released
> Status in “linux-armadaxp” source package in Lucid:
> Invalid
> Status in “linux-ec2” source package in Lucid:
> Fix Released
> Status in “linux-fsl-imx51” source package in Lucid:
> Invalid
> Status in “linux-lts-backport-maverick” source package in Lucid:
> Invalid
> Status in “linux-lts-backport-natty” source package in Lucid:
> Fix Released
> Status in “linux-lts-backport-oneiric” source package in Lucid:
> Fix Released
> Status in “linux-mvl-dove” source package in Lucid:
> Invalid
> Status in “linux-ti-omap4” source package in Lucid:
> Invalid
> Status in “linux” source package in Natty:
> Fix Released
> Status in “linux-armadaxp” source package in Natty:
> Invalid
> Status in “linux-ec2” source package in Natty:
> Invalid
> Status in “linux-fsl-imx51” source package in Natty:
> Invalid
> Status in “linux-lts-backport-maverick” source package in Natty:
> Invalid
> Status in “linux-lts-backport-natty” source package in Natty:
> Invalid
> Status in “linux-lts-backport-oneiric” source package in Natty:
> Invalid
> Status in “linux-mvl-dove” source package in Natty:
> Invalid
> Status in “linux-ti-omap4” source package in Natty:
> Confirmed
> Status in “linux” source package in Oneiric:
> Fix Released
> Status in “linux-armadaxp” source package in Oneiric:
> Invalid
> Status in “linux-ec2” source package in Oneiric:
> Invalid
> Status in “linux-fsl-imx51” source package in Oneiric:
> Invalid
> Status in “linux-lts-backport-maverick” source package in Oneiric:
> Invalid
> Status in “linux-lts-backport-natty” source package in Oneiric:
> Invalid
> Status in “linux-lts-backport-oneiric” source package in Oneiric:
> Invalid
> Status in “linux-mvl-dove” source package in Oneiric:
> Invalid
> Status in “linux-ti-omap4” source package in Oneiric:
> Fix Released
> Status in “linux” source package in Precise:
> Fix Released
> Status in “linux-armadaxp” source package in Precise:
> Fix Committed
> Status in “linux-ec2” source package in Precise:
> Invalid
> Status in “linux-fsl-imx51” source package in Precise:
> Invalid
> Status in “linux-lts-backport-maverick” source package in Precise:
> Invalid
> Status in “linux-lts-backport-natty” source package in Precise:
> Invalid
> Status in “linux-lts-backport-oneiric” source package in Precise:
> Invalid
> Status in “linux-mvl-dove” source package in Precise:
> Invalid
> Status in “linux-ti-omap4” source package in Precise:
> Fix Released
> Status in “linux” source package in Quantal:
> Invalid
> Status in “linux-armadaxp” source package in Quantal:
> Fix Committed
> Status in “linux-ec2” source package in Quantal:
> Invalid
> Status in “linux-fsl-imx51” source package in Quantal:
> Invalid
> Status in “linux-lts-backport-maverick” source package in Quantal:
> Invalid
> Status in “linux-lts-backport-natty” source package in Quantal:
> Invalid
> Status in “linux-lts-backport-oneiric” source package in Quantal:
> Invalid
> Status in “linux-mvl-dove” source package in Quantal:
> Invalid
> Status in “linux-ti-omap4” source package in Quantal:
> Fix Committed
> Status in “linux” source package in Hardy:
> Confirmed
> Status in “linux-armadaxp” source package in Hardy:
> Invalid
> Status in “linux-ec2” source package in Hardy:
> Invalid
> Status in “linux-fsl-imx51” source package in Hardy:
> Invalid
> Status in “linux-lts-backport-maverick” source package in Hardy:
> Invalid
> Status in “linux-lts-backport-natty” source package in Hardy:
> Invalid
> Status in “linux-lts-backport-oneiric” source package in Hardy:
> Invalid
> Status in “linux-mvl-dove” source package in Hardy:
> Invalid
> Status in “linux-ti-omap4” source package in Hardy:
> Invalid
>
> Bug description:
> There is a use after free bug in the kernel hugetlb code. The bug can
> allow an authenticated, unprivileged local attacker to crash the
> system (and possibly gain higher privileges) if huge pages are enabled
> in the system.
>
> Break-Fix: - 90481622d75715bfcb68501280a917dbfe516029
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/990368/+subscripti
> ons

Hi Andreia,

I think that your error is unrelated to this bug.
The bug is related to a control variable for hugetlbfs, confusingly named "quota". This variable has nothing to do with quota in NFS servers.

Good luck,
--Shachar

> -----Original Message-----
> From: bounces@canonical.com [mailto:bounces@canonical.com] On Behalf
> Of Andreia Pio da Silva
> Sent: Tuesday, June 26, 2012 5:26 PM
> To: Shachar Raindel
> Subject: [Bug 990368] Re: CVE-2012-2133
> 
> hugepages: fix use after free bug in "quota" handling - LP: #990368 -
> CVE-2012-2133
> 
> Hi,
> 
> My NFS server is a ubuntu server 10.04.
> 
> please, after the kernel update to version 2.6.32.41 I am with the
> following problem: I had the problem in NFS clients in the creation or
> editing of files for only a few accounts:
> 
> fsync failed: Disk quota exceeded
> 
> Is very strange happens only on some accounts.
> 
> I emphasize that these accounts with this error message has sufficient
> quota on the server.
> 
> Today I updated kernel to version 2.6.32.41.90 but the error remains.
> 
> Have disabled the control of quotas on the server but can not take this as
> a solution. Any proposal that can solve this problem?
> 
> Thanks,
> Andreia Pio da Silva
> 
> --
> You received this bug notification because you are subscribed to a
> duplicate bug report (987107).
> https://bugs.launchpad.net/bugs/990368
> 
> Title:
>   CVE-2012-2133
> 
> Status in “linux” package in Ubuntu:
>   Invalid
> Status in “linux-armadaxp” package in Ubuntu:
>   Fix Committed
> Status in “linux-ec2” package in Ubuntu:
>   Invalid
> Status in “linux-fsl-imx51” package in Ubuntu:
>   Invalid
> Status in “linux-lts-backport-maverick” package in Ubuntu:
>   Invalid
> Status in “linux-lts-backport-natty” package in Ubuntu:
>   Invalid
> Status in “linux-lts-backport-oneiric” package in Ubuntu:
>   Invalid
> Status in “linux-mvl-dove” package in Ubuntu:
>   Invalid
> Status in “linux-ti-omap4” package in Ubuntu:
>   Fix Committed
> Status in “linux” source package in Lucid:
>   Fix Released
> Status in “linux-armadaxp” source package in Lucid:
>   Invalid
> Status in “linux-ec2” source package in Lucid:
>   Fix Released
> Status in “linux-fsl-imx51” source package in Lucid:
>   Invalid
> Status in “linux-lts-backport-maverick” source package in Lucid:
>   Invalid
> Status in “linux-lts-backport-natty” source package in Lucid:
>   Fix Released
> Status in “linux-lts-backport-oneiric” source package in Lucid:
>   Fix Released
> Status in “linux-mvl-dove” source package in Lucid:
>   Invalid
> Status in “linux-ti-omap4” source package in Lucid:
>   Invalid
> Status in “linux” source package in Natty:
>   Fix Released
> Status in “linux-armadaxp” source package in Natty:
>   Invalid
> Status in “linux-ec2” source package in Natty:
>   Invalid
> Status in “linux-fsl-imx51” source package in Natty:
>   Invalid
> Status in “linux-lts-backport-maverick” source package in Natty:
>   Invalid
> Status in “linux-lts-backport-natty” source package in Natty:
>   Invalid
> Status in “linux-lts-backport-oneiric” source package in Natty:
>   Invalid
> Status in “linux-mvl-dove” source package in Natty:
>   Invalid
> Status in “linux-ti-omap4” source package in Natty:
>   Confirmed
> Status in “linux” source package in Oneiric:
>   Fix Released
> Status in “linux-armadaxp” source package in Oneiric:
>   Invalid
> Status in “linux-ec2” source package in Oneiric:
>   Invalid
> Status in “linux-fsl-imx51” source package in Oneiric:
>   Invalid
> Status in “linux-lts-backport-maverick” source package in Oneiric:
>   Invalid
> Status in “linux-lts-backport-natty” source package in Oneiric:
>   Invalid
> Status in “linux-lts-backport-oneiric” source package in Oneiric:
>   Invalid
> Status in “linux-mvl-dove” source package in Oneiric:
>   Invalid
> Status in “linux-ti-omap4” source package in Oneiric:
>   Fix Released
> Status in “linux” source package in Precise:
>   Fix Released
> Status in “linux-armadaxp” source package in Precise:
>   Fix Committed
> Status in “linux-ec2” source package in Precise:
>   Invalid
> Status in “linux-fsl-imx51” source package in Precise:
>   Invalid
> Status in “linux-lts-backport-maverick” source package in Precise:
>   Invalid
> Status in “linux-lts-backport-natty” source package in Precise:
>   Invalid
> Status in “linux-lts-backport-oneiric” source package in Precise:
>   Invalid
> Status in “linux-mvl-dove” source package in Precise:
>   Invalid
> Status in “linux-ti-omap4” source package in Precise:
>   Fix Released
> Status in “linux” source package in Quantal:
>   Invalid
> Status in “linux-armadaxp” source package in Quantal:
>   Fix Committed
> Status in “linux-ec2” source package in Quantal:
>   Invalid
> Status in “linux-fsl-imx51” source package in Quantal:
>   Invalid
> Status in “linux-lts-backport-maverick” source package in Quantal:
>   Invalid
> Status in “linux-lts-backport-natty” source package in Quantal:
>   Invalid
> Status in “linux-lts-backport-oneiric” source package in Quantal:
>   Invalid
> Status in “linux-mvl-dove” source package in Quantal:
>   Invalid
> Status in “linux-ti-omap4” source package in Quantal:
>   Fix Committed
> Status in “linux” source package in Hardy:
>   Confirmed
> Status in “linux-armadaxp” source package in Hardy:
>   Invalid
> Status in “linux-ec2” source package in Hardy:
>   Invalid
> Status in “linux-fsl-imx51” source package in Hardy:
>   Invalid
> Status in “linux-lts-backport-maverick” source package in Hardy:
>   Invalid
> Status in “linux-lts-backport-natty” source package in Hardy:
>   Invalid
> Status in “linux-lts-backport-oneiric” source package in Hardy:
>   Invalid
> Status in “linux-mvl-dove” source package in Hardy:
>   Invalid
> Status in “linux-ti-omap4” source package in Hardy:
>   Invalid
> 
> Bug description:
>   There is a use after free bug in the kernel hugetlb code. The bug can
>   allow an authenticated, unprivileged local attacker to crash the
>   system (and possibly gain higher privileges) if huge pages are enabled
>   in the system.
> 
>   Break-Fix: - 90481622d75715bfcb68501280a917dbfe516029
> 
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/990368/+subscripti
> ons

Ubuntulinux-lts-backport-natty package

Comment 14 for bug 990368

Ubuntu
linux-lts-backport-natty package