'[oss-security] Re: CVE request -- linux kernel: Null pointer dereference when mounting ext4 filesyst'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE request -- linux kernel: Null pointer dereference when mounting ext4 filesyst
From:       cve-assign () mitre ! org
Date:       2015-11-23 21:27:48
Message-ID: 20151123212748.4C2036C01B3 () smtpvmsrv1 ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> It was reported that there are some exit paths in ext4_fill_super() which result
> in destruction of workqueue which is not yet initialized, leading to kernel NULL
> pointer dereference. A privileged user with permission to mount a filesystem or
> anybody having physical access to the system's USB port and prepared filesystem
> on USB disk which will be automatically mounted can cause system panic and thus
> DoS.
> 
> https://bugs.openvz.org/browse/OVZ-6541 - initial public disclosure
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1267261 - red hat public bug
> 
> commit 744692dc059845b2a3022119871846e74d4f6e11 - upstream Linux kernel commit
> which fixes the issue (only part of the commit is related).

> > http://ftp.linux.org.uk/pub/linux/linux-2.6/ChangeLog-2.6.34
> > http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11
> > 

As far as we can tell, what you mean is that:

  - "[media] usbvision: usbvision_probe() can trigger a kernel NULL
    pointer dereference" in the "Thread-Topic" header of your message
    is completely unrelated to the vulnerability. That header
    apparently originated in a message you composed a few weeks ago.

  - this is an ext4 issue that was fixed in 2.6.34 in May 2010

  - the possible security relevance wasn't publicly described until
    2015

Use CVE-2015-8324.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWU4RmAAoJEL54rhJi8gl5750P/35CCN2s9KIAsEXcMmxtyXQh
kF9RUSoIm/jjBJHr2BYNnuzKXuk62InfdsgPPI4zFRTFXfLZaY+XJootyv4iSwVO
a9u4hYuVktm4HdEnRmKcOwTjXVGnVKXT+Ax9rMWD8w/OeZTyjVAf4EI/ETvyRlFl
unuRQ9XqlEUr44iF+FmgqFXBUxCghZPGBTFlAZxgvEiXN7md4mtUOgmnSyD+fdbR
wHDQxqh70ErQ+qUajK1wDxDT52YcwnzK9MRf44AiE7+HFMtANGB1fzhOUJM6h0aD
lHPsn+N9+QjZlcCz2sEYBQakJaGoUzZl0//J//CZWNGmUwDxGopNSBdEDVfCWshD
8opUhDMkWQfr2Tk9WOrjas4ZMiSjN6qksJqWzDzvJjdSqn3jX3Z7ougFl7TUN9Mb
ItPHWRNlUYHGFgBp4A9MjADwib/LxSQ+lbC5FM/T5E+kwTU7Umf1P0fr6LRpbASU
IEJDgy3l25NlGeZ6bzYsUwzNgoUqvY6o9O/yvh2kwP4wHgIBSYrW2Or2xx7P5TAj
+dab6qsJ019bZW56m8gWnGTf/hD0pgIMGSQGaOQOe5mtocfVohZm0ZZfyltRhJqO
ZOLLtjmtlL9FSSEJtQqiUWCvFztp5C/WFSWkfsLjCm5Yoy3bHbTK9HJ+aIlI7hJq
O90sihjXAtWBittcww4m
=Iq/e
-----END PGP SIGNATURE-----


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic