Date: Fri, 11 Nov 2016 07:51:26 -0500 (EST) From: Vladis Dronov <vdronov@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Hello, Let me please inform that it was discovered by Marco Grassi <marco.gra@...il.com> (many thanks) that the Linux kernels since at least v4.0 are crashing in tcp_collapse() after making a number of certain syscalls. RHEL-7 kernels (3.10.0-xxx) are not vulnerable. Also, the upstream kernels since v4.9-rc1 are not vulnerable too, as they have the commit c9c3321257. Unfortunately, this commit is not fix, but just a workaround. I'm not aware of any fix as of now. CVE-2016-8645 was assigned to this flaw internally by the Red Hat, please, use this CVE-ID in communications regarding this flaw. Discussion at stable@: http://www.spinics.net/lists/stable/msg150470.html Discussion at netdev@: http://www.spinics.net/lists/netdev/msg403701.html http://marc.info/?l=linux-netdev&m=147878925724283&w=2 http://marc.info/?t=147878927800005&r=1&w=2 # the whole thread Red Hat public BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1393904 Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.