Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 Apr 2013 17:00:52 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
Subject: CVE request - Linux kernel: tracing NULL pointer dereference

   Hi,

Linux kernels built with Function Tracers and Stack Trackers are vulnerable to 
a NULL pointer dereference flaw. It occurs while writing to `set_ftrace_pid' 
and `set_graph_function' files used by the kernel tracers.

A privileged user/program could use this flaw to crash the kernel, resulting 
in DoS.

Upstream fix:
-------------
  -> https://git.kernel.org/linus/6a76f8c0ab19f215af2a3442870eeb5f0e81998d

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=952197

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team
DB7A 84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ