Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 4 Oct 2018 05:14:42 -0400 (EDT)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2018-14656: Linux kernel: arbitrary kernel memory dump into the
 dmesg log

Heololo,

A missing address check in the callers of the show_opcodes() in the Linux kernel
allows an attacker to dump the kernel memory at an arbitrary kernel address into
the dmesg log. This affects the upstream Linux kernel as it was introduced by
ba54d856a9d8 and 7cccf0725cf7, both since v4.18-rc1 and fixed by 342db04ae712
since v4.19-rc2.

The CVE-2018-14656 was assigned to this flaw, I would suggest to use it in public
communications regarding this flaw.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1629940

https://bugs.chromium.org/p/project-zero/issues/detail?id=1650

https://lore.kernel.org/lkml/20180828154901.112726-1-jannh@google.com/T/

An upstream patch:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342db04ae71273322f0011384a9ed414df8bdae4

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.