Date: Tue, 28 Jul 2015 12:26:33 -0500 From: Tyler Hicks <tyhicks@...onical.com> To: oss-security@...ts.openwall.com Cc: David Howells <dhowells@...hat.com>, Colin Ian King <colin.king@...onical.com>, security@...ntu.com Subject: Re: Security issue in Linux Kernel Keyring (CVE-2015-1333) On 2015-07-27 09:18:55, Tyler Hicks wrote: > While improving the system call coverage in stress-ng, Colin Ian King > discovered a bug in the Linux kernel keyring that can be used to cause a > local denial of service due to memory exhaustion when the same key is > repeatedly added to the kernel keyring via the add_key() syscall. > > This issue has been assigned CVE-2015-1333. mancha pinged me on IRC while trying to figure out what kernel versions are affected and I realized that I forgot to include an import detail in my original email. The following commit introduced the issue: commit 034faeb9ef390d58239e1dce748143f6b35a0d9b Date: Wed Oct 30 11:15:24 2013 +0000 KEYS: Fix keyring quota misaccounting on key replacement and unlink Which means that v3.13 and newer kernels are affected: $ git describe --contains 034faeb9ef390d58239e1dce748143f6b35a0d9b v3.13-rc1~18^2~6^2~2 Tyler Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.