Date: Fri, 3 Feb 2017 11:29:20 +0000 From: John Haxby <john.haxby@...cle.com> To: oss-security@...ts.openwall.com Subject: Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read On 03/02/17 05:52, Wade Mealing wrote: > Mounting a crafted EXT4 image read-only leads to a memory corruption and > SLAB-Out-of-Bounds Reads (according to KASAN). Since the mounting > procedure is a privileged operation, an attacker is probably not able > to trigger this vulnerability on the commandline. > Instead the automatic mounting feature of the GUI via a crafted > USB-device is required. > > From full disclosure at: > > http://seclists.org/fulldisclosure/2016/Nov/75 > > If it has been assigned elsewhere, I am unable to see it. The bugzilla link from the above isn't accessible. Are we missing any useful information? jch
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ