Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 1 Mar 2016 17:11:55 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Cc: Ben Hutchings <benh@...ian.org>
Subject: CVE Request: Linux: aio write triggers integer overflow in some
 network protocols

Hi

We would like to request a CVE for the following issue in the Linux
kernel:

https://git.kernel.org/linus/4c185ce06dca14f5cea192f5a2c981ef50663f2b (v4.1-rc1)

For the linux-stable:

https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit?id=c4f4b82694fe48b02f7a881a1797131a6dad1364

For an upcoming Linux DSA in Debian we would use something like:

> Ben Hawkes of Google Project Zero reported that the AIO interface
> permitted reading or writing 2 GiB of data or more in a single
> chunk, which could lead to an integer overflow when applied to
> certain filesystems, socket or device types.  The full security
> impact has not been evaluated.

The issue was initially already addressed via

https://git.kernel.org/linus/a70b52ec1aaeaf60f4739edb1b422827cb6f3893 (v3.5-rc1)

but then opened again due to

https://git.kernel.org/linus/41ef4eb8eef8d06bc1399e7b00c940d771554711 (v3.10-rc1)

Can you please assign a CVE id for this issue?

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ