Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 2 May 2017 12:58:22 +0000
From: Ari Kauppi <Ari.Kauppi@...opsys.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: CVE-2017-7645 Linux kernel: nfsd: remote DoS

Hi,

Linux kernel NFSv3 and NFSv2 servers are vulnerable to a remote DoS attack.

A specifically crafted request can overflow the request/response page
array. A few distinct attack vectors exist which all lead to system hang/crash
and have possibly other unspecified impact.

The attack vectors require at least read access to a NFS mount on the target host.

The issue has been verified to be reproducible on multiple baselines. At least
2.6.32, 3.2, 4.4, 4.8 and 4.10 baselines (and distributions derived from those)
have been confirmed to be vulnerable. Fixed in 4.11 release.

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H (7.7 / High)

Upstream patch:
https://git.kernel.org/linus/e6838a29ecb484c97e4efef9429643b9851fba6e

This issue was found by Tuomas Haanpää and Matti Kamunen from Synopsys Ltd
with Synopsys Defensics fuzzer.

Thanks,

--
Ari Kauppi / Synopsys Ltd.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.