oss-security - CVE request: -- Linux kernel: Null pointer dereference in tipc_nl_publ

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Message-ID: <a55a2a8b-31c4-d454-376a-fe85302c9b29@gmail.com>
Date: Sat, 21 May 2016 19:21:56 +0800
From: Baozeng Ding <sploving1@...il.com>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Cc: richard.alpe@...csson.com
Subject: CVE request: -- Linux kernel: Null pointer dereference in
 tipc_nl_publ_dump

Hello,
Without checking the pointer to the netlink socket attribute, it could 
cause a null pointer dereference when parsing the nested attributes in 
function tipc_nl_publ_dump. It allows local users to cause a denial of 
service. This vulnerability affects Linux kernel versions from 3.19 to 4.6.

References:
http://lists.openwall.net/netdev/2016/05/14/28
http://lists.openwall.net/netdev/2016/05/16/26

Fixed via:
https://github.com/torvalds/linux/commit/45e093ae2830cd1264677d47ff9a95a71f5d9f9c

Introduce by:
https://github.com/torvalds/linux/commit/1a1a143daf84db95dd7212086042004a3abb7bc2

Could you please assign a CVE for this vulnerability? Thank you.

Best Regards,
Baozeng Ding,  Alibaba Mobile Security Team

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.