Date: Thu, 11 May 2017 12:21:53 -0400 (EDT) From: Vladis Dronov <vdronov@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2017-7472 Linux kernel: KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings Hello, A vulnerability was found in the Linux kernel from v2.6.29-rc1 (since commit d84f4f992cbd) upto v4.11-rc8 (commit c9f838d104). It was found that keyctl_set_reqkey_keyring() function leaks thread keyring which allows unprivileged local user to exhaust kernel memory and thus to cause DoS. cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H cwe=CWE-400 References: https://lkml.org/lkml/2017/4/1/235 https://lkml.org/lkml/2017/4/3/724 https://bugzilla.redhat.com/show_bug.cgi?id=1442086 https://bugzilla.novell.com/show_bug.cgi?id=1034862 Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.