Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 Nov 2015 06:15:57 -0500 (EST)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE request -- linux kernel: Null pointer dereference when mounting
 ext4 filesystem

Hello,
If possible, we would like to obtain a CVE-ID for the following security issue.

It was reported that there are some exit paths in ext4_fill_super() which result
in destruction of workqueue which is not yet initialized, leading to kernel NULL
pointer dereference. A privileged user with permission to mount a filesystem or
anybody having physical access to the system's USB port and prepared filesystem
on USB disk which will be automatically mounted can cause system panic and thus
DoS.

References:

https://bugs.openvz.org/browse/OVZ-6541 - initial public disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1267261 - red hat public bug

commit 744692dc059845b2a3022119871846e74d4f6e11 - upstream Linux kernel commit
which fixes the issue (only part of the commit is related).

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ