Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 7 Dec 2017 12:17:18 +0100
From: Greg KH <greg@...ah.com>
To: at zhou <zhouat2017@...il.com>
Cc: security@...nel.org, secalert@...hat.com, security@...e.com,
	tglx@...utronix.de, oss-security@...ts.openwall.com,
	linux-distros@...openwall.org
Subject: Re: signed integer overflow in common_timer_get on linux 4.15.0-rc1

On Thu, Dec 07, 2017 at 06:01:43PM +0800, at zhou wrote:
> Hi all,
> 
> credit   to   L5@...vulcan team
> 
> I fuzzed the linux kernel and find signed integer overflow on linux
> 4.15.0-rc1+.
> the crash log can see below, the .config and the poc file ,please see the
> attachments.

Odd, doesn't seem to affect a 4.9 or 4.15-rc2 kernel here on my
machines, is there something specific in the .config that might be
triggering this?

thanks,

greg k-h

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ