Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 30 Mar 2017 08:48:21 +0530
From: Lokesh Ubuntu <>
Subject: Re: CVE-2017-7184: kernel: Local privilege escalation
 in XFRM framework

Is there any POC for this to conclude? Thanks.

Regards, Lokesh

On Mar 30, 2017 03:14, "Tyler Hicks" <> wrote:

> A security issue was reported by ZDI, on behalf of Chaitin Security
> Research Lab, against the Linux kernel in Ubuntu. It also affected the
> upstream kernel.
> Chaitin Security Research Lab discovered that xfrm_replay_verify_len(),
> as called by xfrm_new_ae(), did not verify that the user-specified
> replay_window was within the replay state buffer.
> This allowed for out-of-bounds reads and writes of kernel memory.
> Chaitin Security showed that this can lead to local privilege escalation
> by using user namespaces in order to configure XFRM. XFRM configuration
> requires CAP_NET_ADMIN so this issue is mitigated in kernels which do
> not enable user namespaces by default.
> Fixes:
> -
> -
> Tyler

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ