Date: Tue, 25 Apr 2017 11:20:12 +0200 From: Andrej Nemec <anemec@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2017-7477 kernel: net: Heap overflow in skb_to_sgvec in macsec.c Hello folks, Red Hat has been notified about a possible heap overflow vulnerability in kernel networking, specifically in the macsec.c module. We have assigned a CVE-2017-7477 for this issue. Corresponding commit which fixes this issue can be found at . There is no preliminary impact available as of now. Short description: A heap overflow vulnerability was found in the Linux kernel in macsec module. Specifying MAX_SKB_FRAGS + 1 and using NETIF_F_FRAGLIST which calls skb_to_sgvec will overflow the heap. This is now available as a Red Hat bugzilla at .  https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee  https://bugzilla.redhat.com/show_bug.cgi?id=1445207 Best Regards, -- Andrej Nemec, Red Hat Product Security 3701 3214 E472 A9C3 EFBE 8A63 8904 44A1 D57B 6DDA [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ