Date: Wed, 15 Apr 2020 23:50:51 +0530 (IST) From: P J P <ppandit@...hat.com> To: oss security list <oss-security@...ts.openwall.com> Subject: CVE-2020-10942 Kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field Hello, A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver. It could occur while doing an ioctl(VHOST_NET_SET_BACKEND) call and retrieving socket name in a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2) calls on the '/dev/vhost-net' device may use this flaw to crash the kernel resulting in DoS issue. Upstream patch: -> https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64 Reference: -> https://lkml.org/lkml/2020/2/15/125 CVE-2020-10942 assigned via -> https://cveform.mitre.org/ Thank you. -- Prasad J Pandit / Red Hat Product Security Team 8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.