Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 18 Aug 2015 01:38:29 -0400 (EDT)
From: Wade Mealing <wmealing@...hat.com>
To: OSS Security List <oss-security@...ts.openwall.com>
Cc: cve-assign@...re.org
Subject: CVE request - Linux kernel - perf on ppp64 - unbounded checks in
 perf_callchain_user_64 denial of service.

Gday,

A malicious user could create a special stack layout that fools
the perf_callchain_user_64 function (called by perf record) into 
an infinite loop, tying up that particular CPU and the process 
can not be killed.

A kernel patch was committed upstream capping the maximum user-level
stacktrace collected by perf to PERF_MAX_STACK_DEPTH on 64bit powerpc
architectures. This affects ppc64 kernels that support perf.

Thanks,

Wade Mealing

Upstream fix
------------
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3

Red Hat Bugzilla:
- https://bugzilla.redhat.com/show_bug.cgi?id=1218454

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.