Date: Fri, 6 May 2016 15:14:55 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Cc: Ben Hutchings <benh@...ian.org> Subject: CVE Requests: Linux: BPF flaws (one use-after-free / local root privilege escalation) A use-after-free flaw via double-fdput in bpf was recently fixed in Linux. Details: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 Fixed via: https://git.kernel.org/linus/8358b02bf67d3a5d8a825070e1aa73f25fb2e4c7 And as well reported/forwarded in Debian: https://bugs.debian.org/823603 Could you please assign a CVE for this issue? The following two might as well warrant a CVE (Ben Hutchings CC'ed has already applied those to the packaging repository in Debian): bpf: fix refcnt overflow: https://git.kernel.org/linus/92117d8443bc5afacc8d5ba82e541946310f106e bpf: fix check_map_func_compatibility logic https://git.kernel.org/linus/6aff67c85c9e5a4bc99e5211c1bac547936626ca Not sure though if the later one has a security impact. The bug allowed generic map functions to be applied to special map types (program, perf events) that did not support them properly. Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ