Date: Mon, 15 Apr 2013 17:00:52 +0530 (IST) From: P J P <ppandit@...hat.com> To: oss security list <oss-security@...ts.openwall.com> Subject: CVE request - Linux kernel: tracing NULL pointer dereference Hi, Linux kernels built with Function Tracers and Stack Trackers are vulnerable to a NULL pointer dereference flaw. It occurs while writing to `set_ftrace_pid' and `set_graph_function' files used by the kernel tracers. A privileged user/program could use this flaw to crash the kernel, resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/6a76f8c0ab19f215af2a3442870eeb5f0e81998d Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=952197 Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ