Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 18 Aug 2009 16:48:54 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: Re: md raid null ptr dereference (when sysfs is
 writable)


On Fri, 24 Jul 2009, Marcus Meissner wrote:

> http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/

======================================================
Name: CVE-2009-2849
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849
Reference: MLIST:[oss-security] 20090724 md raid null ptr dereference (when sysfs is writable)
Reference: URL:http://www.openwall.com/lists/oss-security/2009/07/24/1
Reference: MLIST:[oss-security] 20090726 Re: md raid null ptr dereference (when sysfs is writable)
Reference: URL:http://www.openwall.com/lists/oss-security/2009/07/26/1
Reference: MISC:http://xorl.wordpress.com/2009/07/21/linux-kernel-md-driver-null-pointer-dereference/
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.30.y.git;a=commit;h=3c92900d9a4afb176d3de335dc0da0198660a244
Reference: CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.2

The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2
might allow local users to cause a denial of service (NULL pointer
dereference) via vectors related to "suspend_* sysfs attributes" and
the (1) suspend_lo_store or (2) suspend_hi_store functions.  NOTE: this
is only a vulnerability when sysfs is writable by an attacker.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.