[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE request: kernel: tomoyo: oops in tomoyo_mount_acl()
From: Petr Matousek <pmatouse () redhat ! com>
Date: 2011-06-30 10:13:01
Message-ID: 20110630101300.GA16091 () dhcp-25-225 ! brq ! redhat ! com
[Download RAW message or body]
Description of problem:
In tomoyo_mount_acl() since 2.6.36, kern_path() was called without
checking dev_name != NULL. As a result, an unprivileged user can
trigger oops by issuing mount(NULL, "/", "ext3", 0, NULL) request.
Upstream fix:
4e78c724d47e2342aa8fde61f6b8536f662f795f
Thanks,
--
Petr Matousek / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic