Impact: Running wine applications from a FAT filesystem causes the wine
process to get stuck in a kernel "D" state and cannot be killed. This
prevents a user from unmounting the FAT filesystem.
Fix: Replace a typo in fat_ioctl_readdir() introduced during
CVE-2007-2878, where the second semaphore down() should in fact be an
up().
Testcase: Without the patch one can trip the bug by:
1. Mount any FAT filesystem
2. Copy some file.exe file to it.
3. Run: wine /media/fattest/file.exe
4. Wine hangs and cannot be killed.
With the patch, this works. This has been tested by Lei Zhang (message 12 above) and by
myself (message 11).
SRU Justification:
Impact: Running wine applications from a FAT filesystem causes the wine
process to get stuck in a kernel "D" state and cannot be killed. This
prevents a user from unmounting the FAT filesystem.
Fix: Replace a typo in fat_ioctl_readdir() introduced during
CVE-2007-2878, where the second semaphore down() should in fact be an
up().
Testcase: Without the patch one can trip the bug by:
1. Mount any FAT filesystem fattest/ file.exe
2. Copy some file.exe file to it.
3. Run: wine /media/
4. Wine hangs and cannot be killed.
With the patch, this works. This has been tested by Lei Zhang (message 12 above) and by
myself (message 11).