Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 19 Apr 2017 11:21:24 +0200
From: Sebastian Krahmer <krahmer@...e.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE-2017-7874 versus CVE-2009-1185 ?

Hi


I stumbled across https://twitter.com/info_dox/status/854372066228932609
that is curious about an udev+kernel exploit
(https://packetstormsecurity.com/files/142152/Linux-Kernel-4.8.0-udev-232-Privilege-Escalation.html)

which claims to exploit a missing sender-check within udev. That makes
me wonder, as kernel 4.8.0 (and even earlier) no longer allow users
to send NETLINK_KOBJECT_UEVENT messages. Our testcases fail,
as they should:

https://bugzilla.suse.com/show_bug.cgi?id=1034330


However, MITRE apparently assigned a valid CVE for it:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7874

So either we miss some weird corner case or the CVE is invalid
and should be withdrawn?

Sebastian

-- 

~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@...e.com - SuSE Security Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ