Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 3 Apr 2019 07:46:52 -0400 (EDT)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2019-3882: Linux kernel: DoS through vfio/type1 DMA mappings

Heololo,

A flaw was found in the Linux kernel's vfio interface implementation that permits
violation of the user's locked memory limit. If a device is bound to a vfio driver,
such as vfio-pci, and the local attacker is administratively granted ownership of
the device, it may cause a system memory exhaustion and thus a denial of service (DoS).

CVE-2019-3882 was allocated for this flaw.

References:

https://lore.kernel.org/lkml/155414977872.12780.13728555131525362206.stgit@gimli.home/T/#u

https://bugzilla.redhat.com/show_bug.cgi?id=1689426

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security | Senior Software Engineer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.