[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2016-0723: Linux kernel: Kernel memory disclosure.
From: Wade Mealing <wmealing () redhat ! com>
Date: 2016-04-27 2:30:57
Message-ID: CALJHwhRhh=RqEH+m3CfT4KsuG3m3LgMC9vRZh4QFXSTkV-PtUg () mail ! gmail ! com
[Download RAW message or body]
A flaw was discovered in the linux kernel tty subsystem which allows
for disclosure of uncontrolled memory location and possible kernel
panic. The information leak is caused by a race condition when
attempting to set and read the tty line discipline.
An attacker can use the TIOCSETD (via tty_set_ldisc ) to switch to a
new line discipline, a concurrent call to with a TIOCGETD ioctl
performs a read on a given tty may be able to access memory previously
allocated. Up to 4 bytes may leaked to userspace when querying the
line discipline.
Thanks,
Wade Mealing
Red Hat Product Security
Upstream fix:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439
Upstream discussion:
http://lkml.iu.edu/hypermail/linux/kernel/1511.3/03045.html
Red Hat bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1296253
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic