[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2020-10942 Kernel: vhost-net: stack overflow in get_raw_socket while checking sk_
From: P J P <ppandit () redhat ! com>
Date: 2020-04-15 18:32:51
Message-ID: nycvar.YSQ.7.76.2004152346280.69262 () xnncv
[Download RAW message or body]
Hello,
A stack buffer overflow issue was found in the get_raw_socket() routine of the
Host kernel accelerator for virtio net (vhost-net) driver. It could occur
while doing an ioctl(VHOST_NET_SET_BACKEND) call and retrieving socket name in
a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2)
calls on the '/dev/vhost-net' device may use this flaw to crash the kernel
resulting in DoS issue.
Upstream patch:
-> https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64
Reference:
-> https://lkml.org/lkml/2020/2/15/125
CVE-2020-10942 assigned via -> https://cveform.mitre.org/
Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic