Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 26 Aug 2013 12:52:26 -0400 (EDT)
From: cve-assign@...re.org
To: ppandit@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: Linux Kernel: ARM: KVM: NULL pointer dereferences

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Linux kernel built for the ARM(CONFIG_ARM) platform along with the Kernel
> based Virtual Machine support(CONFIG_KVM), is vulnerable to a NULL pointer
> dereference flaw. It occurs while performing an ioctl(KVM_GET_REG_LIST) call
> on the KVM device, without first properly initialising a vCPU.
> 
> An unprivileged user/program could use this flaw to crash the kernel resulting
> in DoS.
> 
> Upstream fix:
>   -> https://git.kernel.org/linus/e8180dcaa8470ceca21109f143876fdcd9fe050a

Use CVE-2013-5634.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSG4afAAoJEGvefgSNfHMdiiUH/R9Y7Hn2tI0UUFA0FJluFNdx
xgZ0u1hxFkpEJ69O6FM5qKmH+TSfF/Jq27WIIjAwLPYA44bAqn3VeVukt/VpZPQj
FCHGcJIDNnwV8n+R29rUPUMQ6VaENDM0aJSWuDlo3puTndNiXX/6vGyh1QXNBfBm
uQHjvwIpOOErQibj2yReJoRJeIZkOJyf8oxJYp0yc+oE1ICbJ+yCCVfTCNBOQXhW
U6EzqiMKAsg1+IgMgJXlD9imf8q8X7kDGnhMq/iWzODeFTpNXtgtAEVp5Ng0irNm
08/zGfMH8F2u+OxFIwzcOc4Y+GYXUcGHHS2GKT399HXwrLUt64sxL5fOots/YxM=
=cONI
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ