oss-security - cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Message-ID: <150590619.3922934.1468259391266.JavaMail.zimbra@redhat.com>
Date: Mon, 11 Jul 2016 13:49:51 -0400 (EDT)
From: CAI Qian <caiqian@...hat.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: cvs request: local DoS using rename syscall on overlayfs on top of
 xfs to crash the kernel

I am requesting a CVE for this flaw.

An unprivileged user could run an exploit using rename syscall on
overlayfs on top of xfs to crash the kernel caused a denial of
service.

Exploit:
https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/syscalls/rename/rename13.c

Patch can be found here with more in depth description,
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d5ca871e72f2bb172ec9323497f01cd5091ec7
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9409e22acdfc9153f88d9b1ed2bd2a5b34d2d3ca
   CAI Qian

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.