Date: Fri, 3 Feb 2017 15:52:19 +1000 From: Wade Mealing <wmealing@...hat.com> To: oss-security@...ts.openwall.com Subject: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Gday, I'd like to ask for a CVE for the flaw the EXT4 filesystem as described as: Mounting a crafted EXT4 image read-only leads to a memory corruption and SLAB-Out-of-Bounds Reads (according to KASAN). Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the commandline. Instead the automatic mounting feature of the GUI via a crafted USB-device is required. >From full disclosure at: http://seclists.org/fulldisclosure/2016/Nov/75 If it has been assigned elsewhere, I am unable to see it. Thanks, Wade Mealing Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.