Date: Tue, 28 Jul 2015 12:26:33 -0500 From: Tyler Hicks <tyhicks@...onical.com> To: oss-security@...ts.openwall.com Cc: David Howells <dhowells@...hat.com>, Colin Ian King <colin.king@...onical.com>, security@...ntu.com Subject: Re: Security issue in Linux Kernel Keyring (CVE-2015-1333) On 2015-07-27 09:18:55, Tyler Hicks wrote: > While improving the system call coverage in stress-ng, Colin Ian King > discovered a bug in the Linux kernel keyring that can be used to cause a > local denial of service due to memory exhaustion when the same key is > repeatedly added to the kernel keyring via the add_key() syscall. > > This issue has been assigned CVE-2015-1333. mancha pinged me on IRC while trying to figure out what kernel versions are affected and I realized that I forgot to include an import detail in my original email. The following commit introduced the issue: commit 034faeb9ef390d58239e1dce748143f6b35a0d9b Date: Wed Oct 30 11:15:24 2013 +0000 KEYS: Fix keyring quota misaccounting on key replacement and unlink Which means that v3.13 and newer kernels are affected: $ git describe --contains 034faeb9ef390d58239e1dce748143f6b35a0d9b v3.13-rc1~18^2~6^2~2 Tyler [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ