Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 10 Nov 2008 13:07:16 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: Unix sockets kernel panic


======================================================
Name: CVE-2008-5029
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029
Reference: MLIST:[linux-netdev] 20081106 UNIX sockets kernel panic
Reference: URL:http://marc.info/?l=linux-netdev&m=122593044330973&w=2
Reference: MLIST:[oss-security] 20081106 CVE request: kernel: Unix sockets kernel panic
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/06/1
Reference: MISC:http://darkircop.org/unix.c
Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=470201
Reference: BID:32154
Reference: URL:http://www.securityfocus.com/bid/32154

The __scm_destroy function in net/core/scm.c in the Linux kernel
2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself
through calls to the fput function, which allows local users to cause
a denial of service (panic) via vectors related to sending an
SCM_RIGHTS message through a UNIX domain socket and closing file
descriptors.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.