Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 3 Feb 2017 11:29:20 +0000
From: John Haxby <john.haxby@...cle.com>
To: oss-security@...ts.openwall.com
Subject: Re: Local DoS: Linux Kernel EXT4 Memory Corruption /
 SLAB-Out-of-Bounds Read

On 03/02/17 05:52, Wade Mealing wrote:
> Mounting a crafted EXT4 image read-only leads to a memory corruption and
> SLAB-Out-of-Bounds Reads (according to KASAN).  Since the mounting
> procedure is a privileged operation, an attacker is probably not able
> to trigger this vulnerability on the commandline.
> Instead the automatic mounting feature of the GUI via a crafted
> USB-device is required.
> 
> From full disclosure at:
> 
> http://seclists.org/fulldisclosure/2016/Nov/75
> 
> If it has been assigned elsewhere, I am unable to see it.

The bugzilla link from the above isn't accessible.  Are we missing any
useful information?


jch

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ