Date: Sat, 1 Apr 2017 22:44:57 +0200
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2017-7308: Linux kernel: integer overflow in packet_set_ring

To Red Hat folks:

On Fri, Mar 31, 2017 at 07:20:20PM +0200, Andrey Konovalov wrote:
> On Fri, Mar 31, 2017 at 2:03 PM, Andrey Konovalov <andreyknvl@...gle.com> wrote:
> > CVE-2017-7308 [1] was assigned to the following issue:
> >
> > The packet_set_ring function in net/packet/af_packet.c in the Linux
> > kernel through 4.10.6 does not properly validate certain block-size
> > data, which allows local users to cause a denial of service (overflow)
> > or possibly have unspecified other impact via crafted system calls.
> >
> > The fix is sent upstream [2].
> 
> Update: the fix actually consists of 3 patches:
> 
> https://patchwork.ozlabs.org/patch/744811/
> https://patchwork.ozlabs.org/patch/744813/
> https://patchwork.ozlabs.org/patch/744812/
> 
> > [1] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7308
> >
> > [2] https://patchwork.ozlabs.org/patch/744811/

Red Hat currently says all RHEL starting with RHEL5 are affected:

https://access.redhat.com/security/cve/cve-2017-7308

However, the corresponding Bugzilla entry has no mention of that:

https://bugzilla.redhat.com/show_bug.cgi?id=1437404

So is it just a better-safe-than-sorry default to list products as
affected until known otherwise?  If so, maybe Unknown would be better?

RHEL5 doesn't yet include TPACKET_V3.  I did not check RHEL6.

https://github.com/torvalds/linux/commit/f6fb8f100b807378fda19e83e5ac6828b638603a

Alexander
