Date: Fri, 29 May 2015 16:19:30 -0700 From: Andy Lutomirski <luto@...nel.org> To: oss-security@...ts.openwall.com CC: drew@...dstorm.io Subject: Re: CVE request Linux kernel: ns: user namespaces panic On 05/29/2015 09:35 AM, P J P wrote: > Hello, > > Linux kernel built with the user namespaces support(CONFIG_USER_NS) is > vulnerable to a NULL pointer dereference flaw. It could occur when users > in user namespaces do unmount mounts. > > An unprivileged user could use this flaw to crash the system resulting > in DoS. > > Upstream fixes: > --------------- > -> https://git.kernel.org/linus/820f9f147dcce2602eefd9b575bbbd9ea14f0953 > -> https://git.kernel.org/linus/cd4a40174b71acd021877341684d8bb1dc8ea4ae > > It was introduced by: > --------------------- > -> https://git.kernel.org/linus/ce07d891a0891d3c0d0c2d73d577490486b809e1 > > Thank you Drew Fisher for reporting this issue to Fedora Security Team. To clarify further: this is a regression in Linux 4.0.2 and will be fixed in Linux 4.0.5. It has been independently reported by at least Kenton Varda and Alexander Larsson. I think that Eric Biederman also reported it to linux-stable at some point. --Andy
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ