Date: Tue, 13 Nov 2012 16:36:23 +0100 From: Petr Matousek <pmatouse@...hat.com> To: Marcus Meissner <meissner@...e.de> Cc: oss-security@...ts.openwall.com Subject: Re: CVE request -- Linux kernel: mm/hotplug: failure in propagating hot-added memory to other nodes On Tue, Nov 13, 2012 at 04:21:19PM +0100, Marcus Meissner wrote: > On Sun, Nov 11, 2012 at 12:19:13AM -0700, Kurt Seifried wrote: > > On 11/10/2012 02:36 PM, Petr Matousek wrote: > > > A NULL pointer dereference flaw has been found in the way a new > > > node's hot-added memory is propagated to other nodes zonelists. An > > > unprivileged local user can use this flaw to crash the system. > > > > > > Upstream fix: > > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=08dff7b7d629807dbb1f398c68dd9cd58dd657a1 > > > > > > References: https://bugzilla.redhat.com/show_bug.cgi?id=875374 > > > > > > Thanks, > > > > Please use CVE-2012-5517 for this issue. > > Our Mel Gorman wonders how this is a security issue. > > A local attacker would need to wait for the administrator to hot-add > memory, which seems unlikely on first thought? Yes, it is unlikely, but not impossible. This unlikely condition is reflected in the CVSSv2  score -- AC:H -- which Red Hat uses to rate the severity of the security issues and also reflected in the impact rating .  http://www.first.org/cvss/cvss-guide.html  https://access.redhat.com/security/updates/classification/ -- Petr Matousek / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.