Date: Fri, 11 Nov 2016 07:51:26 -0500 (EST) From: Vladis Dronov <vdronov@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Hello, Let me please inform that it was discovered by Marco Grassi <marco.gra@...il.com> (many thanks) that the Linux kernels since at least v4.0 are crashing in tcp_collapse() after making a number of certain syscalls. RHEL-7 kernels (3.10.0-xxx) are not vulnerable. Also, the upstream kernels since v4.9-rc1 are not vulnerable too, as they have the commit c9c3321257. Unfortunately, this commit is not fix, but just a workaround. I'm not aware of any fix as of now. CVE-2016-8645 was assigned to this flaw internally by the Red Hat, please, use this CVE-ID in communications regarding this flaw. Discussion at stable@: http://www.spinics.net/lists/stable/msg150470.html Discussion at netdev@: http://www.spinics.net/lists/netdev/msg403701.html http://marc.info/?l=linux-netdev&m=147878925724283&w=2 http://marc.info/?t=147878927800005&r=1&w=2 # the whole thread Red Hat public BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1393904 Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ