Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 May 2018 16:49:58 +0200
From: Andrey Konovalov <>
Subject: Re: CVE-2018-1130: Linux kernel: dccp: a null pointer
 dereference in net/dccp/output.c:dccp_write_xmit

On Thu, May 10, 2018 at 2:05 PM, Vladis Dronov <> wrote:
> Hello,
> A null pointer dereference in dccp_write_xmit() function in net/dccp/output.c
> in the Linux kernel before v4.16-rc7 allows a local user to cause a denial of
> service by a number of certain crafted system calls.
> References:
> An upstream patch:
> Best regards,
> Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Hi Vladis,

I've been wondering, how do you choose which bugs you request CVEs
for? Syzbot reported a few hundreds of them over the last few months
and a decent fraction of them looks scarier than a null pointer


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ