Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <20160711191842.9D88F42E004@smtpvbsrv1.mitre.org>
Date: Mon, 11 Jul 2016 15:18:42 -0400 (EDT)
From: cve-assign@...re.org
To: caiqian@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> I am requesting a CVE for this flaw.
> 
> An unprivileged user could run an exploit using rename syscall on
> overlayfs on top of xfs to crash the kernel caused a denial of
> service.
> 
> Exploit:
> https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/syscalls/rename/rename13.c
> 
> Patch can be found here with more in depth description

As far as we can tell, there are circumstances in which each of the
two parts of the patch could be relevant, and thus we are assigning
two CVE IDs.


> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185

This patch is present in 4.6 but not in 4.5.5.

Use CVE-2016-6197.


> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d5ca871e72f2bb172ec9323497f01cd5091ec7
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9409e22acdfc9153f88d9b1ed2bd2a5b34d2d3ca

These patches are present in both 4.6 and 4.5.5.
(https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5 lists
them.)

Use CVE-2016-6198.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXg+/uAAoJEHb/MwWLVhi2ixYQAJxC7wXlFmCX+ZuJueWhtsPU
PxN8mRCizwA4IuOrYO1EwtrdoGUSQAePX0YBl35NZJ8/K2OcV1J+rwLOkeHP67ep
KXGn3iSjL15B1NeRxztpKwnV3alkuOVljQIM0IRasfYK8oCEX/g+UstyxW0AJNqe
HBFzdgG+XERbqN0uLd5uBtLzz/nCK37e6xWA43augQU+cI5B+URYpcy2n50wiQVG
o3WOreou1RSveyJSbVU4csN6xpgn6KFOi5+sdV0vjyR92BxICFCoJ1lIHHmVm+LF
kT63D7zKFdY3kFqBIKaHhUmnti3a4jddWxnCfAJYcJ7L0+md4DpDJ/uEQTJ1BNXQ
Yw1a3jev4ji2Ajbvlf2lhQHvC1at3jTiQBEHJBOZjLVsxZ2jl35TU3PmLVyR5JHN
cdo2oYVsiNpcfHhkDHQNQAugard2aWYRz+IeF2V1dGNT8JyAL0cAO11c5+Hj/nyc
zGx+NfMq9wPn5RQT1+79IABxbQrJyd1ppfwPiWhyVNwkInkJC3WzZIeXanLaJkLc
wwXyTNGcx9s+zxXlM2tnlyhLCB66iY798T2oBs6mR5ID8NRkGYzli8sb4ZcoiAuJ
rYonHjVJnmYW6Tuz3Yc9Jj9i/UtnSYFWfshfHs8HpKwoA4XPUYw6CM2dNO7e4H9/
xARF3BLpcTyZdqCS/3ao
=aGT3
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.