[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2017-7477 kernel: net: Heap overflow in skb_to_sgvec in macsec.c
From: Andrej Nemec <anemec () redhat ! com>
Date: 2017-04-25 9:20:12
Message-ID: b3892063-b093-4353-88e3-49cbec582422 () redhat ! com
[Download RAW message or body]
[Attachment #2 (multipart/mixed)]
Hello folks,
Red Hat has been notified about a possible heap overflow vulnerability
in kernel networking, specifically in the macsec.c module. We have
assigned a CVE-2017-7477 for this issue. Corresponding commit which
fixes this issue can be found at [1]. There is no preliminary impact
available as of now.
Short description:
A heap overflow vulnerability was found in the Linux kernel in macsec
module. Specifying MAX_SKB_FRAGS + 1 and using NETIF_F_FRAGLIST which
calls skb_to_sgvec will overflow the heap.
This is now available as a Red Hat bugzilla at [2].
[1]
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1445207
Best Regards,
--
Andrej Nemec, Red Hat Product Security
3701 3214 E472 A9C3 EFBE 8A63 8904 44A1 D57B 6DDA
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic