Re: IRIX XFS filesystem denial of service attack

From: H D Moore (sflist@digitaloffense.net)
Date: 04/16/02


From: H D Moore <sflist@digitaloffense.net>
To: agent99@sgi.com, linux-xfs@oss.sgi.com, bugtraq@securityfocus.com
Date: Mon, 15 Apr 2002 18:32:38 -0500

Does this vulnerability affect the Linux XFS port? The XFS page has no
information about this or whether there is a fix available:

http://oss.sgi.com/projects/xfs/

-HD

On Monday 15 April 2002 04:49 pm, SGI Security Coordinator wrote:
>
> SGI Security Advisory
>
> Title: IRIX XFS filesystem denial of service attack
> Number: 20020402-01-P
> Date: April 15, 2002
> Reference: CAN-2002-0042
> -----------------------
> --- Issue Specifics ---
> -----------------------
>
> It has been reported that there is a vulnerability in IRIX's XFS
> filesystem. Under some circumstances, a user can create a file that would
> hang any application that would try to access it. This has the potential
> to be used to create a Denial of Service attack.



Relevant Pages

  • linux-next: left over things in linux-next after 2.6.28-c1
    ... Linus' tree in a slightly different form. ... psmouse - add support for Elantech touchpads ... Fix sysdev class file creation. ... [XFS] ...
    (Linux-Kernel)
  • Linux 2.6.4-rc2
    ... Here's mainly ARM, XFS, PCI hotplug and firewire updates. ... o parport: move exports to where they are defined ... o parport: fix parport_unregister_port ...
    (Linux-Kernel)
  • Linux 2.6.6
    ... NTFS, XFS, FAT and CIFS updates. ... s390 and ARM updates. ... Fix might_sleep in /proc/swaps code ... acpi build fix setup.c:608: `acpi_skip_timer_override' undeclared ...
    (Linux-Kernel)
  • Linux 2.4.27-pre2
    ... It contains m68k/SPARC, XFS and networking updates, big PCI hotplug ... update, gcc3 fixes, riva fixes, IDE update, amongst others. ... o [TG3]: Jumbo frames and FTQ reset patch ... o Fix page-free-at-IRQ context BUG ...
    (Linux-Kernel)
  • Linux 2.4.24-pre1
    ... The XFS filesystem has been merged. ... o ia64: Clear corrected errors in the kernel ... fix EFI memory map trimming ...
    (Linux-Kernel)