Date: Fri, 16 Mar 2018 05:30:50 -0400 (EDT)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2018-1068: Linux kernel: netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets

hello,

(we believe this flaw is semi-public. there are posts in public mailing lists and a commit in the upstream Linux tree, but we are not aware of this bug being considered as a security flaw and not aware of any exploits in the wild. so we would like to explicitly post to oss-sec@)

a CVE id of CVE-2018-1068 was assigned to this flaw and we would like to ask to use it in the related public communications.

so:

A flaw was found in the Linux kernel implementation of 32 bit syscall interface for bridging allowing a privileged user to arbitrarily write to a limited range of kernel memory. This flaw can be exploited not only by a system's privileged user (a real "root" user), but also by an attacker who is a privileged user (a "root" user) in a user+network namespace.

References:

https://marc.info/?l=linux-netdev&m=152023808817590&w=2
https://marc.info/?l=linux-netdev&m=152025888924151&w=2
https://bugzilla.redhat.com/show_bug.cgi?id=1552048

An upstream patch:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd0254471331b9c4c4c6
https://github.com/torvalds/linux/commit/b71812168571fa55e44cdd0254471331b9c4c4c6

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer