Date: Wed, 27 Apr 2016 12:30:57 +1000 From: Wade Mealing <wmealing@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2016-0723: Linux kernel: Kernel memory disclosure. A flaw was discovered in the linux kernel tty subsystem which allows for disclosure of uncontrolled memory location and possible kernel panic. The information leak is caused by a race condition when attempting to set and read the tty line discipline. An attacker can use the TIOCSETD (via tty_set_ldisc ) to switch to a new line discipline, a concurrent call to with a TIOCGETD ioctl performs a read on a given tty may be able to access memory previously allocated. Up to 4 bytes may leaked to userspace when querying the line discipline. Thanks, Wade Mealing Red Hat Product Security Upstream fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439 Upstream discussion: http://lkml.iu.edu/hypermail/linux/kernel/1511.3/03045.html Red Hat bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1296253
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ