Date: Fri, 29 May 2015 16:19:30 -0700 From: Andy Lutomirski <luto@...nel.org> To: oss-security@...ts.openwall.com CC: drew@...dstorm.io Subject: Re: CVE request Linux kernel: ns: user namespaces panic On 05/29/2015 09:35 AM, P J P wrote: > Hello, > > Linux kernel built with the user namespaces support(CONFIG_USER_NS) is > vulnerable to a NULL pointer dereference flaw. It could occur when users > in user namespaces do unmount mounts. > > An unprivileged user could use this flaw to crash the system resulting > in DoS. > > Upstream fixes: > --------------- > -> https://git.kernel.org/linus/820f9f147dcce2602eefd9b575bbbd9ea14f0953 > -> https://git.kernel.org/linus/cd4a40174b71acd021877341684d8bb1dc8ea4ae > > It was introduced by: > --------------------- > -> https://git.kernel.org/linus/ce07d891a0891d3c0d0c2d73d577490486b809e1 > > Thank you Drew Fisher for reporting this issue to Fedora Security Team. To clarify further: this is a regression in Linux 4.0.2 and will be fixed in Linux 4.0.5. It has been independently reported by at least Kenton Varda and Alexander Larsson. I think that Eric Biederman also reported it to linux-stable at some point. --Andy
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.