Date: Sat, 1 Apr 2017 22:44:57 +0200 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2017-7308: Linux kernel: integer overflow in packet_set_ring To Red Hat folks: On Fri, Mar 31, 2017 at 07:20:20PM +0200, Andrey Konovalov wrote: > On Fri, Mar 31, 2017 at 2:03 PM, Andrey Konovalov <andreyknvl@...gle.com> wrote: > > CVE-2017-7308  was assigned to the following issue: > > > > The packet_set_ring function in net/packet/af_packet.c in the Linux > > kernel through 4.10.6 does not properly validate certain block-size > > data, which allows local users to cause a denial of service (overflow) > > or possibly have unspecified other impact via crafted system calls. > > > > The fix is sent upstream . > > Update: the fix actually consists of 3 patches: > > https://patchwork.ozlabs.org/patch/744811/ > https://patchwork.ozlabs.org/patch/744813/ > https://patchwork.ozlabs.org/patch/744812/ > > >  http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7308 > > > >  https://patchwork.ozlabs.org/patch/744811/ Red Hat currently says all RHEL starting with RHEL5 are affected: https://access.redhat.com/security/cve/cve-2017-7308 However, the corresponding Bugzilla entry has no mention of that: https://bugzilla.redhat.com/show_bug.cgi?id=1437404 So is it just a better-safe-than-sorry default to list products as affected until known otherwise? If so, maybe Unknown would be better? RHEL5 doesn't yet include TPACKET_V3. I did not check RHEL6. https://github.com/torvalds/linux/commit/f6fb8f100b807378fda19e83e5ac6828b638603a Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ