Upstream information

CVE-2011-2689 at MITRE

Description

The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.9
Vector AV:L/AC:L/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete

Note from the SUSE Security Team

fallocate for gfs2 was introduced in 2.6.37, so no SUSE Linux Enterprise product was affected by this issue. Only openSUSE 11.3 and 11.4 are affected by this issue.,This issue was introduced in 2.6.37. It was fixed before SUSE Linux Enterprise 11 SP2 shipment. It affected openSUSE 11.3 and 11.4, but no other versions.,fallocate for gfs2 was introduced in 2.6.37, so no SUSE Linux Enterprise product was affected by this issue. Only openSUSE 11.3 and 11.4 are affected by this issue.,This issue was introduced in 2.6.37. It was fixed before SUSE Linux Enterprise 11 SP2 shipment. It affected openSUSE 11.3 and 11.4, but no other versions.

SUSE Bugzilla entry: 710672 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.