Public Date:
570863: CVE-2010-0727 kernel: bug in GFS/GFS2 locking code leads to dos

The MITRE CVE dictionary describes this issue as:

The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.

Find out more about CVE-2010-0727 from the MITRE CVE dictionary dictionary and NIST NVD.


Red Hat is aware of this issue and is tracking it via the following bug: This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise MRG, as it did not include support for the GFS and GFS2 file systems. For the GFS issue, it was addressed in Red Hat Enterprise Linux 3 in the gfs package, 4 in the GFS-kernel package, and 5 in the gfs-kmod package, via,, respectively. For the GFS2 issue, it was addressed in Red Hat Enterprise Linux 5 in the kernel package via

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 4.9
Base Metrics AV:L/AC:L/Au:N/C:N/I:N/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 5 (kernel) RHSA-2010:0178 2010-03-29
RHEL Cluster-Storage (v. 5.4.Z server) (gfs-kmod) RHSA-2010:0521 2010-07-08
Red Hat Global File System 3AS (GFS) RHSA-2010:0330 2010-03-30
Red Hat Enterprise Linux Cluster-Storage version 5 (gfs-kmod) RHSA-2010:0291 2010-03-29
Red Hat Enterprise Linux EUS (v. 5.4 server) (kernel) RHSA-2010:0380 2010-04-27
Red Hat Global File System 4AS (GFS-kernel) RHSA-2010:0331 2010-03-30