[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE request Linux kernel: ns: user namespaces panic
From: Andy Lutomirski <luto () kernel ! org>
Date: 2015-05-29 23:19:30
Message-ID: 5568F402.2050904 () kernel ! org
[Download RAW message or body]
On 05/29/2015 09:35 AM, P J P wrote:
> Hello,
>
> Linux kernel built with the user namespaces support(CONFIG_USER_NS) is
> vulnerable to a NULL pointer dereference flaw. It could occur when users
> in user namespaces do unmount mounts.
>
> An unprivileged user could use this flaw to crash the system resulting
> in DoS.
>
> Upstream fixes:
> ---------------
> -> https://git.kernel.org/linus/820f9f147dcce2602eefd9b575bbbd9ea14f0953
> -> https://git.kernel.org/linus/cd4a40174b71acd021877341684d8bb1dc8ea4ae
>
> It was introduced by:
> ---------------------
> -> https://git.kernel.org/linus/ce07d891a0891d3c0d0c2d73d577490486b809e1
>
> Thank you Drew Fisher for reporting this issue to Fedora Security Team.
To clarify further: this is a regression in Linux 4.0.2 and will be
fixed in Linux 4.0.5. It has been independently reported by at least
Kenton Varda and Alexander Larsson. I think that Eric Biederman also
reported it to linux-stable at some point.
--Andy
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic