Bug#934160: Bug#962254: NFS(v4) broken at 4.19.118-2
Control: tags 962254 +security -unreproducible
Control: severity 962254 grave
On Fri, Jun 05, 2020 at 08:36:31PM +0200, Salvatore Bonaccorso wrote:
> This now let some rings bell, the described scenario is very similar
> to what was reported in https://bugs.debian.org/934160
>
> Respectively
> https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1779736 and
> https://bugzilla.redhat.com/show_bug.cgi?id=1667761 .
Upon more experimentation I continue to favor this being a kernel bug
(src:linux, bug #962254) and not a bug with nfs-common.
Setting vers=4.1 works around the issue, so this is *strictly* NFSv4.2.
I was able to reproduce this issue on a system with nfs-common
1:1.3.4-2.1 and a 4.19.118-2 kernel.
Based upon what I've observed I believe this requires a recent kernel on
*both* NFS client and NFS server. A NFS client with 4.9 connecting to a
NFS server with 4.19 does NOT experience this issue.
I suspect my earlier assessment of this appearing between 4.19.98-1 and
4.19.118-2 was erroneous. I think I was mislead by the order of
computers being updated, and a NFS client with 4.19 connecting to a NFS
server with 4.9 also does not experience this issue.
>From https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1779736
this bug appeared somewhere between Linux kernels 4.9 and 4.15.
I concur with John Goerzen's assessment of this qualifying as grave due
to its security implications.
--
(\___(\___(\______ --=> 8-) EHM <=-- ______/)___/)___/)
\BS ( | ehem+sigmsg@m5p.com PGP 87145445 | ) /
\_CS\ | _____ -O #include <stddisclaimer.h> O- _____ | / _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445
Reply to: