Date: Fri, 6 May 2016 15:14:55 +0200 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Cc: Ben Hutchings <benh@...ian.org> Subject: CVE Requests: Linux: BPF flaws (one use-after-free / local root privilege escalation) A use-after-free flaw via double-fdput in bpf was recently fixed in Linux. Details: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 Fixed via: https://git.kernel.org/linus/8358b02bf67d3a5d8a825070e1aa73f25fb2e4c7 And as well reported/forwarded in Debian: https://bugs.debian.org/823603 Could you please assign a CVE for this issue? The following two might as well warrant a CVE (Ben Hutchings CC'ed has already applied those to the packaging repository in Debian): bpf: fix refcnt overflow: https://git.kernel.org/linus/92117d8443bc5afacc8d5ba82e541946310f106e bpf: fix check_map_func_compatibility logic https://git.kernel.org/linus/6aff67c85c9e5a4bc99e5211c1bac547936626ca Not sure though if the later one has a security impact. The bug allowed generic map functions to be applied to special map types (program, perf events) that did not support them properly. Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.