Date: Fri, 3 Feb 2017 18:02:53 +0100 From: Andreas Stieger <astieger@...e.com> To: oss-security@...ts.openwall.com Subject: Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Hello, On 02/03/2017 12:29 PM, John Haxby wrote: > On 03/02/17 05:52, Wade Mealing wrote: >> Mounting a crafted EXT4 image read-only leads to a memory corruption and >> SLAB-Out-of-Bounds Reads (according to KASAN). Since the mounting >> procedure is a privileged operation, an attacker is probably not able >> to trigger this vulnerability on the commandline. >> Instead the automatic mounting feature of the GUI via a crafted >> USB-device is required. >> >> From full disclosure at: >> >> http://seclists.org/fulldisclosure/2016/Nov/75 >> >> If it has been assigned elsewhere, I am unable to see it. > The bugzilla link from the above isn't accessible. Are we missing any > useful information? https://bugzilla.suse.com/show_bug.cgi?id=1023377#c1 RH: https://bugzilla.redhat.com/show_bug.cgi?id=1395190 ML: http://www.spinics.net/lists/linux-ext4/msg54572.html Introduced in: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=952fc18ef9ec707ebdc16c0786ec360295e5ff15 (first in v3.6-rc1...) Fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3a4b77cd47bb837b8557595ec7425f281f2ca1fe (first in v4.10-rc1) Andreas -- Andreas Stieger <astieger@...e.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ