Date: Mon, 05 Mar 2018 05:15:13 +0000 From: Wade Mealing <wmealing@...hat.com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: Linux kernel: CVE-2018-1065 - netfilter rule insertion may panic system. This flaw was reported to nedev via syzbot (the Syzkaller fuzzer). It is possible that a user with the capabilities to insert iptables/netfilter rules is able to insert a rule that can jump to a non user-user chain/invalid chain. This is not possible using the iptables/netfilter libitc code, however it is possible via setsockopt with the appropriate capabilities set. The bug is not specific to SCTP it is just coincidental that the syzcaller code has tripped it using this path. The patches fix both ipv6 and ipv4 paths that are able to trigger the issue. Thanks Report: http://lists.openwall.net/netdev/2018/01/27/46 Proposed patch: <http://patchwork.ozlabs.org/patch/870355/> http://patchwork.ozlabs.org/patch/870355/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ