Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 20 Jan 2017 22:22:43 -0500
From: <cve-assign@...re.org>
To: <harshula@...hat.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>,
	<Jesse.Hertz@...group.trust>, <wmealing@...hat.com>
Subject: Re: CVE REQUEST: linux kernel: process with pgid zero able to crash

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> [] "A process that is in the same process group as the ``init'' process
> (group id zero) can crash the Linux 2 kernel with several system calls
> by passing in a process ID or process group ID of zero. The value zero
> is a special value that indicates the current process ID or process
> group. However, in this case it is also the process group ID of the
> process."
> 
> The risk is that a non-root user can trigger a kernel crash on a
> modified RHEL 6 system where the kernel runs a process that can be
> exploited.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1358840
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f106eee10038c2ee5b6056aaf3f6d5229be6dcdd
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f20011457f41c11edb5ea5038ad0c8ea9f392023
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fa2755e20ab0c7215d99c2dc7c262e98a09b01df

>> all of these showed up in the 2.6.35-rc1 release. Any distro
>> based on something older than that needs to worry here.

Use CVE-2010-5328.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYgtL6AAoJEHb/MwWLVhi2U7sP/i3aar2nWzZFv4OfmS3fhGCQ
65QcUWol3gv5BN4dLKgOaWLWMUNisXadbewf1KeICkBXgCtAChIiXf1KCAd4Qerm
ehCGtAD89s4Enc7DqTJFn/vgzcJr6JrQBuYKUf/IMbrixV008ZOogIWlORxCJYbc
vIeOFLRIFvnGmpPj3m9+G8XtWmM+AJKQWTlXiSDSrSkHKEBbPgaZNSMvK/poa8EY
1m9GCMqPepvysqkQHsjbZnxL//C0SY/aqREuyCZzgTvBeyLlzxijud9B9y0Afm69
sj79efvTBywCyr9d1sjZiI1XBaGLQ+oLacQcNfHKJP6GadQ8yUj7OP7Djasm/RZe
EEAn4mzvyQ0nGCGvRAMUrv1SV7EECpidEa1rslbBKYngTYR/vxm1I0LRNorpwe7J
p+1hIWFI8n6uf0QRJV4PyWMVbz3QwGbzwDLTNieuWUQ5A9HxufS0lj3aTN61VVC4
OxVDXpyXeC7Rx0pJRXrgWjOJZc4gblBMUG18qfnV9s5xARo/SsChtkvuv36fzAYj
ewZeS+ez9cK4OsFQsjFSgnPL2zqbbOxh/gDLFs4P3gqRCJz6zFFH+PxXLCvw6xUI
dfibuQbUyCWR048NY3pu05tj7PwoOliqSfxHyYxLKfAqI76E026EaGGQdu7aSJ1k
dfDhxcid2Tl7PBW1WdFp
=m6b1
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.