Vulnerability Details : CVE-2010-0727
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, do not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-0727
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 %
CVSS scores for CVE-2010-0727
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9 | MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C | 3.9 | 6.9 | NIST |
CWE ids for CVE-2010-0727
-
Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2010-0727
- Red Hat, 2010-04-06: Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2010-0727. This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise MRG, as it did not include support for the GFS and GFS2 file systems. For the GFS issue, it was addressed in Red Hat Enterprise Linux 3 in the gfs package, 4 in the GFS-kernel package, and 5 in the gfs-kmod package, via https://rhn.redhat.com/errata/RHSA-2010-9493.html, https://rhn.redhat.com/errata/RHSA-2010-9494.html, https://rhn.redhat.com/errata/RHSA-2010-0291.html respectively. For the GFS2 issue, it was addressed in Red Hat Enterprise Linux 5 in the kernel package via https://rhn.redhat.com/errata/RHSA-2010-0178.html.
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11392
  Repository / Oval Repository (Third Party Advisory)
- http://www.debian.org/security/2010/dsa-2053
  Debian -- Security Information -- DSA-2053-1 linux-2.6 (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2010-0521.html
  Support (Third Party Advisory)
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:066
  mandriva.com (Third Party Advisory)
- http://www.redhat.com/support/errata/RHSA-2010-0330.html
  Support (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=570863
  570863 – (CVE-2010-0727) CVE-2010-0727 kernel: bug in GFS/GFS2 locking code leads to dos (Exploit; Issue Tracking; Patch; Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2010/03/12/1
  oss-security - CVE-2010-0727 kernel: gfs/gfs2 locking code DoS flaw (Exploit; Mailing List; Third Party Advisory)
- http://lkml.org/lkml/2010/3/11/269
  LKML: Steven Whitehouse: [PATCH 3/3] GFS2: Skip check for mandatory locks when unlocking (Patch; Third Party Advisory)
- http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.34-rc1-next-20100312.bz2
  404: File not found (Release Notes; Vendor Advisory)
- http://www.redhat.com/support/errata/RHSA-2010-0380.html
  Support (Third Party Advisory)
- http://securitytracker.com/id?1023809
  Red Hat Global File System gfs_lock() Lets Local Users Deny Service - SecurityTracker (Third Party Advisory; VDB Entry)
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*