Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 4 Dec 2016 14:45:58 -0500
From: <cve-assign@...re.org>
To: <sploving1@...il.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>,
	<herbert@...dor.apana.org.au>
Subject: Re: CVE Request: -- Linux kernel: double free in netlink_dump

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> A double free vulnerability was found in netlink_dump, which could
> cause a denial of service or possibly other unspecified impact.

> http://lists.openwall.net/netdev/2016/05/15/69
> https://github.com/torvalds/linux/commit/92964c79b357efd980812c4de5c1fd2ec8bb5520

>> netlink: Fix dump skb leak/double free

>> When we free cb->skb after a dump, we do it after releasing the
>> lock.  This means that a new dump could have started in the time
>> being and we'll end up freeing their skb instead of ours.
>> 
>> This patch saves the skb and module before we unlock so we free
>> the right memory.

Use CVE-2016-9806.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYRHFwAAoJEHb/MwWLVhi2hsAP/3lgM/3+LJHUfJISIWERrGgO
U3X5tyJ7F/HE85fmpMTq1mJxS0pgfswpozEBTwMT/oVOjWNRh0lppMlZegR+yAdr
Whz/xJToSf0I/QRz2AviGtHkGDs3+SeJcVsWQbIh/WGbUpwyy8IdF3WVni+8fNUY
zIhNzdZ8XZCAEl8ZLcvFl7v1SH+t4zfiTMZX9Qalpp6fJ4oNjJlQjY/jrojQ527k
NbM7JGV3UHb+rLLaPBnykTYQ1Kip3KYEZTD26kyI1XbUlTYfjzGQ8Tfx9x+EzDnE
22Fa5aib+I/AkAW0JbPihPBlDEcXGQWMbFTIvPkfqiCjVCO2QWb+WdSJ5F/QBy1F
kPoXsJy++XNjcrtg436KR5jH3wQdUC1zwzmd9SC8QonA7ZQazxDU/vs740o5hray
DQq1Ca/ZqQp5iO8phPhEiVCOGsqwArhaQ0LuR0ZcpaFKXRP/oa5s4xxgUDsq41JZ
4W3K28o5nS3nlMaz/ekolxIhbtJYu7e6xey+YDpno6xYfTbx2mdpl3U1ICB+fSrt
i+H2NKmv4/sEpXQLEh5byJKx0RPCfU+alRfWBeyEU6lcHtmwtvks/V5ttK6OMVRQ
FSZwcRrv2QmEwTqM104umTdUFp+0+3pY4iHwtCLZ5EARp/04UhVtIH3mNScnYn9S
UPX/llj6prAyQ63BQEKg
=Yz/R
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ