Date: Wed, 10 May 2017 18:37:42 +0200 From: Andrey Konovalov <andreyknvl@...gle.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2017-7308: Linux kernel: integer overflow in packet_set_ring On Fri, Mar 31, 2017 at 7:20 PM, Andrey Konovalov <andreyknvl@...gle.com> wrote: > On Fri, Mar 31, 2017 at 2:03 PM, Andrey Konovalov <andreyknvl@...gle.com> wrote: >> Hi, >> >> CVE-2017-7308  was assigned to the following issue: >> >> The packet_set_ring function in net/packet/af_packet.c in the Linux >> kernel through 4.10.6 does not properly validate certain block-size >> data, which allows local users to cause a denial of service (overflow) >> or possibly have unspecified other impact via crafted system calls. >> >> The fix is sent upstream . > > Update: the fix actually consists of 3 patches: > > https://patchwork.ozlabs.org/patch/744811/ > https://patchwork.ozlabs.org/patch/744813/ > https://patchwork.ozlabs.org/patch/744812/ Another update: this turned out to be exploitable. Details are here: https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html > >> >>  http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7308 >> >>  https://patchwork.ozlabs.org/patch/744811/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ