[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: kernel: Unix sockets kernel panic
From: dann frazier <dannf () debian ! org>
Date: 2008-11-21 19:00:24
Message-ID: 20081121190023.GK24416 () ldl ! fc ! hp ! com
[Download RAW message or body]
On Tue, Nov 11, 2008 at 05:41:44PM +0800, Eugene Teo wrote:
> Eugene Teo wrote:
> > We need a CVE name for this issue. This was reported in netdev today.
> >
> > "The following code causes a kernel panic on Linux 2.6.26:
> > http://darkircop.org/unix.c
> >
> > I haven't investigated the bug so I'm not sure what is causing it, and
> > don't know if it's exploitable. The code passes unix sockets from one
> > process to another using unix sockets. The bug probably has to do
> > with closing file descriptors."
> >
> > http://marc.info/?l=linux-netdev&m=122593044330973&w=2
> > https://bugzilla.redhat.com/show_bug.cgi?id=470201
> >
> > There isn't a fix yet. Dave is working on it.
>
> There's a fix now.
>
> Upstream commits: f8d570a, 3b53fbf, and 6209344.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=470201#c10
> https://bugzilla.redhat.com/show_bug.cgi?id=470201#c14
> https://bugzilla.redhat.com/show_bug.cgi?id=470201#c9
> https://bugzilla.redhat.com/show_bug.cgi?id=470201#c13
Thanks for following up.
fyi, our testing of this fix has uncovered additional issues.
Local/unprivileged users can cause soft lockups and take out system
processes by triggering the OOM killer:
http://marc.info/?l=linux-netdev&m=122721862313564&w=2
--
dann frazier
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic