Date: Thu, 13 Oct 2016 14:57:17 +0200
From: Greg KH <greg@...ah.com>
To: oss-security@...ts.openwall.com
Subject: Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)

On Thu, Oct 13, 2016 at 08:46:51AM -0400, Vladis Dronov wrote:
> Hello,
>
> It was found that when gcc stack protector is turned on, proc_keys_show() can
> cause a panic in the Linux kernel due to the stack corruption. This happens
> because xbuf is not big enough to hold a 64-bit timeout value rendered as weeks.
>
> CVE-2016-7042 was assigned to this flaw internally by the Red Hat. Please, use it
> in the public communications regarding this flaw.
>
> References:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1373966 (patch)
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch)
>
> Note: Unfortunately, I'm not sure if the patch was already sent to security@...nel.org
> or alike by the patch author.

Nope, I don't think that security@...nel.org was sent the patch, but if
the maintainer of the subsystem already knows about it (it looks like he
wrote the patch), then there was no need to let that alias know about
it, right?

Any idea if this is going to be submitted to be merged upstream?

thanks,

greg k-h