Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 18 Aug 2015 01:29:53 -0400 (EDT)
From: cve-assign@...re.org
To: wmealing@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: linux kernel:fd leak in vhost ioctl VHOST_SET_LOG_FD

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> A flaw was found in the way Linux kernel's vhost driver treated userspace
> provided log fd while processing VHOST_SET_LOG_FD ioctl command. A
> privileged local user with access to the /dev/vhost-net files.  The
> provided descriptor would never be released and consume kernel memory.
> 
> Usually this /dev/vhost-net file(s) have write access with
> root permissions but applications may access it with privileged 
> access through libvirt or other virtualisation.
> 
> A file descriptor may waste memory for each VHOST_SET_LOG_FD command issued, eventually
> wasting available system resources creating a denial of service.
> 
> https://lkml.org/lkml/2015/8/10/375
> https://bugzilla.redhat.com/show_bug.cgi?id=1251839

(not yet available at
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/vhost/vhost.c)

Use CVE-2015-6252.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJV0sJcAAoJEKllVAevmvmsqscH/1AdQuzu0sM3q3ZxCHidm2cD
tCvp8ap/fN58bu6h8N2XnG7b/cCNgtYZFVhouINLFMjinPaat8rEzX8jnKyvYg3Y
XhhDyXw1c/Ly94Y1Ec3xx5gozlulkJzn/JoZIxenA+ENOh5NQnCL9CSPrmCrGcTO
0w/Tuywuj02jmz9mFiijuDsKFGybGFCQ5gE0tGA5CLyy+0YFHliXdvzBmaD5qBT8
QN4kzG356QYDMA3fPuEBarluYcSHfm4GCogsTa007TjvI+0FdnCRLcN2IKPXBjpY
bo15L2zlMwSAbStNOcuyOdOCaIOE6hlFmt88TxcJ0sFyWjSHZiUcINXsCOyIcwk=
=rAP9
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ