Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 18 Aug 2009 16:20:38 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: clock_nanosleep() with
 CLOCK_MONOTONIC_RAW NULL pointer dereference


======================================================
Name: CVE-2009-2767
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2767
Reference: MLIST:[linux-kernel] 20090804 Re: [PATCH] posix-timers: fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW
Reference: URL:http://lkml.org/lkml/2009/8/4/28
Reference: MLIST:[linux-kernel] 20090804 Re: [PATCH] posix-timers: fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW
Reference: URL:http://lkml.org/lkml/2009/8/4/40
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=70d715fd0597f18528f389b5ac59102263067744
Reference: CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc6
Reference: SECUNIA:36200
Reference: URL:http://secunia.com/advisories/36200
Reference: VUPEN:ADV-2009-2197
Reference: URL:http://www.vupen.com/english/advisories/2009/2197
Reference: XF:linux-kernel-clocknanosleep-priv-escalation(52317)
Reference: URL:http://xforce.iss.net/xforce/xfdb/52317

The init_posix_timers function in kernel/posix-timers.c in the Linux
kernel before 2.6.31-rc6 allows local users to cause a denial of
service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW
clock_nanosleep call that triggers a NULL pointer dereference.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.