Date: Tue, 18 Aug 2009 16:48:54 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: OSS Security List <oss-security@...ts.openwall.com> Subject: Re: md raid null ptr dereference (when sysfs is writable) On Fri, 24 Jul 2009, Marcus Meissner wrote: > http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/ ====================================================== Name: CVE-2009-2849 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849 Reference: MLIST:[oss-security] 20090724 md raid null ptr dereference (when sysfs is writable) Reference: URL:http://www.openwall.com/lists/oss-security/2009/07/24/1 Reference: MLIST:[oss-security] 20090726 Re: md raid null ptr dereference (when sysfs is writable) Reference: URL:http://www.openwall.com/lists/oss-security/2009/07/26/1 Reference: MISC:http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/ Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.30.y.git;a=commit;h=3c92900d9a4afb176d3de335dc0da0198660a244 Reference: CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-126.96.36.199 The md driver (drivers/md/md.c) in the Linux kernel before 188.8.131.52 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.