Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 13 Oct 2016 08:46:51 -0400 (EDT)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)

Hello,

It was found that when gcc stack protector is turned on, proc_keys_show() can
cause a panic in the Linux kernel due to the stack corruption. This happens
because xbuf[] is not big enough to hold a 64-bit timeout value rendered as weeks.

CVE-2016-7042 was assigned to this flaw internally by the Red Hat. Please, use it
in the public communications regarding this flaw.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1373966 (patch)

https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch)

Note: Unfortunately, I'm not sure if the patch was already sent to security@...nel.org
or alike by the patch author.

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ