Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 24 Aug 2015 23:21:15 -0400 (EDT)
From: cve-assign@...re.org
To: luto@...capital.net
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: Linux x86_64 NT flag issue - Linux kernel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> When I fixed Linux's NT flag handling, I added an optimization to
> Linux 3.19 and up. A malicious 32-bit program might be able to leak
> NT into an unrelated task. On a CONFIG_PREEMPT=y kernel, this is a
> straightforward DoS. On a CONFIG_PREEMPT=n kernel, it's probably
> still exploitable for DoS with some more care.
> 
> I believe that this could be used for privilege escalation, too, but
> it won't be easy.
> 
> The fix is just to revert the optimization:
> 
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=512255a2ad2c832ca7d4de9f31245f73781922d0
> 
> Mitigation: CONFIG_IA32_EMULATION=n

Use CVE-2015-6666.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJV290aAAoJEL54rhJi8gl51BEP/3YJaklikoui7IEnP++vCiyw
ZKapRPky4Gp2aDs0aecdsgkq+n18zq2NjfsECw5I3hvf9Anmg264pwbvrckmpITu
6Zm3V9yvO4DeJdMCDAk9W7YZzXmW1H18cXCa8DkG4Fr53h4ZZ1tUCsunXXZ82VHT
mlLiJtMlPazjaGinVLK9maMrYkmubOMOnq4sCpbGbHplo9SVfapg0BCZ5mPJyjPQ
f12Z2HRu8Gz3axij27+2vm0YA153JzELrJJ7O50Pu64cfFliXBhy0HN89OvML69h
qkR4QDvFlMmnKJIUSuiYA5exsUMUIQiCfu+ID0ho6v+HbsKNhhdS8VaFtI7LVIKJ
qOYG+EcaotiYz/2KnXuIKhxuLkU+jy42omhfLtWzf1N3GY1+L8I4yaSgmI0fAZag
k+oLWRLujAxiy58KbSfOZcpPj1IHtPXkgNBlGUWepAx8we49RvsWBNYVRTEOW+5l
3JAXBUUhueMc6+j69QjOJLmCLUKRZyRKDcxBUh8ZuiSkw+wPbOipQZMMLHpxuUAf
yGJIKArqG5pBajdzS29KjFL9mDwAs84rIR2PIlEF791k2a/5ZwN/xJr0v76cLnRI
Cjzd6re9ta70IhxMNlRhSCRepIRv5I5Ik3uHFj15bPdIul+3m01v7uZL2krGEQAl
HY2AwGUOLrm8lo8eAISC
=AgVe
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ