Date: Tue, 25 Apr 2017 11:20:12 +0200 From: Andrej Nemec <anemec@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2017-7477 kernel: net: Heap overflow in skb_to_sgvec in macsec.c Hello folks, Red Hat has been notified about a possible heap overflow vulnerability in kernel networking, specifically in the macsec.c module. We have assigned a CVE-2017-7477 for this issue. Corresponding commit which fixes this issue can be found at . There is no preliminary impact available as of now. Short description: A heap overflow vulnerability was found in the Linux kernel in macsec module. Specifying MAX_SKB_FRAGS + 1 and using NETIF_F_FRAGLIST which calls skb_to_sgvec will overflow the heap. This is now available as a Red Hat bugzilla at .  https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee  https://bugzilla.redhat.com/show_bug.cgi?id=1445207 Best Regards, -- Andrej Nemec, Red Hat Product Security 3701 3214 E472 A9C3 EFBE 8A63 8904 44A1 D57B 6DDA Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.