Message-ID: <e6957bccb1334b74a39ff42d1ce6aa5d@imshyb02.MITRE.ORG>
Date: Fri, 4 Nov 2016 03:06:52 -0400
From: <cve-assign@...re.org>
To: <vdronov@...hat.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: CVE request -- linux kernel: crypto: GPF in lrw_crypt caused by null-deref

> The lrw_crypt() function in 'crypto/lrw.c' in the Linux kernel
> before 4.5 allows local users to cause a system crash and a denial
> of service by the NULL pointer dereference via accept(2) system call
> for AF_ALG socket without calling setkey() first to set a cipher key.
>
> Initial discussion:
> https://groups.google.com/forum/#!msg/syzkaller/frb2XrB5aWk/xCXzkIBcDAAJ
>
> Red Hat Product Security Bugzilla:
> https://bugzilla.redhat.com/show_bug.cgi?id=1386286
>
> Initial upstream patch (followed by a set of the related patches):
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd504589577d8e8e70f51f997ad487a4cb6c026f

Use CVE-2015-8970.

(The scope of this CVE does not include other issues related to the
https://groups.google.com/forum/#!original/syzkaller/frb2XrB5aWk/R1UNCBm_DwAJ
"However, crypto is still considerably unstable. I will post reports
that I see separately." statement.)

-- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
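
The ordering problem described in the quoted request (accept(2) succeeding on a transform that never had setkey() called), as a userspace C model added here. It is not kernel code and not the upstream patch; `model_tfm`, `model_op`, the `model_*` functions, the `require_key` switch and the -ENOKEY / -EFAULT return values are assumptions of this example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#ifndef ENOKEY
#define ENOKEY 126 /* Linux errno value, fallback for other platforms */
#endif

/* Hypothetical model of a keyed transform: key_state is allocated only by setkey. */
struct model_tfm { unsigned char *key_state; };
/* Hypothetical model of the operation socket that accept(2) hands back. */
struct model_op { struct model_tfm *tfm; };

int model_setkey(struct model_tfm *tfm, const unsigned char *key, size_t len)
{
    unsigned char *state;

    if (key == NULL || len == 0)
        return -EINVAL;
    state = malloc(len);
    if (state == NULL)
        return -ENOMEM;
    memcpy(state, key, len);
    free(tfm->key_state);
    tfm->key_state = state;
    return 0;
}

/* require_key = 0 models the unguarded ordering, 1 the guarded one. */
int model_accept(struct model_tfm *tfm, struct model_op *op, int require_key)
{
    if (require_key && tfm->key_state == NULL)
        return -ENOKEY; /* error code is this example's choice */
    op->tfm = tfm;
    return 0;
}

/* Stands in for the cipher routine; -EFAULT marks where unkeyed state
 * would have been dereferenced instead of actually crashing. */
int model_crypt(const struct model_op *op, unsigned char *buf, size_t len)
{
    if (op->tfm == NULL || op->tfm->key_state == NULL)
        return -EFAULT;
    for (size_t i = 0; i < len; i++)
        buf[i] ^= op->tfm->key_state[0]; /* placeholder transform, not LRW */
    return 0;
}
```

With `require_key` set, the unkeyed transform is rejected at accept time, so the cipher routine is never reached with missing key state.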