CVE-2010-0727

Publication date 16 March 2010

Last updated 24 July 2024

Ubuntu priority

The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file’s permissions.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
linux	10.04 LTS lucid	Fixed 2.6.32-22.35
	9.10 karmic	Fixed 2.6.31-22.60
	9.04 jaunty	Fixed 2.6.28-19.61
	8.10 intrepid	Ignored end of life, was pending
	8.04 LTS hardy	Fixed 2.6.24-28.70
	6.06 LTS dapper	Not in release
linux-source-2.6.15	10.04 LTS lucid	Not in release
	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-55.84

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=720e7749279bde0d08684b1bb4e7a2eedeec6394

CVE-2010-0727

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references