Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Feb 2017 08:02:19 -0500 (EST)
From: Vladis Dronov <>
Subject: Linux kernel: Reachable BUG_ON from userspace in


I'm not sure if now I should be posting this on os-sec@ after requesting
a CVE-ID via MITRE's web-form. Anyway.

It was reported that with Linux kernel, earlier than version v4.10-rc8, an application
may trigger a BUG_ON() in sctp_wait_for_sndbuf() if the socket TX buffer is full, a thread
is waiting on it to queue more data, and meanwhile another thread peels off the association
being used by the first thread.


Upstream patch:

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ