Date: Fri, 5 Jan 2018 07:52:32 -0500 (EST)
From: Vladis Dronov <>
Subject: CVE-2017-15129: Linux kernel: net: double-free and memory
 corruption in get_net_ns_by_id()


A use-after-free vulnerability was found in the network namespaces code affecting the Linux
kernel from v4.0-rc1 through v4.15-rc5. The function get_net_ns_by_id() does not check
the net::count value after it has found a peer network in the netns_ids idr, which could
lead to a double free and memory corruption. This vulnerability could allow an unprivileged
local user to induce kernel memory corruption on the system, leading to a crash. Due to
the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe
it is unlikely.

References: (a whole thread)

An upstream patch:

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer
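
The missing net::count check described in the advisory, as an added single-threaded userspace model in C (not kernel code and not the upstream patch). The struct and all function names are hypothetical; teardown is counted rather than performed, so the effect of a lookup that arrives after the count has reached zero can be observed safely.

```c
#include <stdatomic.h>
#include <stddef.h>

/* Constructed model: 'count' plays the role of net::count, 'releases'
 * counts how many times teardown was triggered for the object. */
struct net_model {
    atomic_int count;
    int releases;
};

/* Drop a reference; the holder that brings it to zero triggers teardown. */
static void put_net_model(struct net_model *n)
{
    if (atomic_fetch_sub(&n->count, 1) == 1)
        n->releases++;              /* real code would queue the free here */
}

/* Flawed lookup: takes a reference without looking at count, so an
 * object already at zero (teardown pending) goes 0 -> 1. */
static struct net_model *lookup_unchecked(struct net_model *slot)
{
    if (slot)
        atomic_fetch_add(&slot->count, 1);
    return slot;
}

/* Checked lookup: take a reference only while count is still non-zero. */
static struct net_model *lookup_checked(struct net_model *slot)
{
    int old = slot ? atomic_load(&slot->count) : 0;
    while (old != 0)
        if (atomic_compare_exchange_weak(&slot->count, &old, old + 1))
            return slot;
    return NULL;                    /* dying object: treat as not found */
}

/* Last reference dropped while the entry is still reachable by id, then
 * a lookup arrives. Returns how many times teardown was triggered. */
static int releases_after_late_lookup(int use_checked)
{
    struct net_model n, *peer;
    atomic_init(&n.count, 1);
    n.releases = 0;
    put_net_model(&n);              /* count 1 -> 0, teardown #1 */
    peer = use_checked ? lookup_checked(&n) : lookup_unchecked(&n);
    if (peer)
        put_net_model(peer);        /* caller drops its reference */
    return n.releases;
}
int main(void) { return releases_after_late_lookup(1) != 1; }
```

With the unchecked lookup the model reports two teardowns for one object, which corresponds to the double free; with the checked lookup the late caller gets NULL and teardown happens once.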
