|
Message-Id: <20160831122356.6E0566C4866@smtpvmsrv1.mitre.org> Date: Wed, 31 Aug 2016 08:23:56 -0400 (EDT) From: cve-assign@...re.org To: ben@...adent.org.uk Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, debian@...ny.org Subject: Re: CVE request: Kernel Oops when issuing fcntl on an AUFS directory -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > a bug in Debian's kernel > packages that allows a denial of service (crash) by local users with > access to an aufs filesystem. The bug is in a Debian-specific patch, > not the upstream kernel or aufs code. >> the wheezy kernel upgrade from 3.2.78-1 to 3.2.81-1 added the SETFL >> fcntl support code (#627782) which unfortunately results in a kernel >> Oops when the fcntl is called on a directory. This breaks e.g. copying >> files from an AUFS filesystem on a remote machine using scp. >> fcntl (fd, F_SETFL, O_RDONLY); >> Call the program on regular a file (nothing happens) and then on a >> directory (Oops). >> The Oops happens in fs/fcntl.c >> The aufs_file_fop structure sets the value of the .setfl member to >> aufs_setfl (f_op.c). aufs_dir_fop (dir.c) on the other hand does not. >> aufs 3.2.x+setfl-debian >> kernel NULL pointer dereference Use CVE-2016-7118. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXxsvbAAoJEHb/MwWLVhi2LWoP/3ZaPz0Ig/FPWdBi+JyGP7/K YlCUjfpCrWaIBQwczMqZX+7E+aTym5dQ3tvRYdoOiDZhhcGCxLa7YCNLHZdVDIkC OJOrBOoDyL1OjhcNvFD6uahCAfqVAilvFgR7HNkbiwPnvFIkUd3LZXtvpfCla4l8 8/PABvTGSnZWesZdG573mduIZQ0wO/RGcp1ng+tbyZjXUUWqJe03v70C19s0aMVh xXZLk3WuCUUnEfdWsRK2W5Shj4zCqIBhzbzWQcBcFLL65hxdoLGLLsCkx3EM0VkO 8f07NoP24dKfLy1uH4HhRcVKIc4E22knCGOnWIX4aiHvbLHtBAnoNHhG9rgRg221 DomDaYqjyOXgFUIK2DxB1qJbTPvKuyhWQZ+MrI0c72NJ8nSgexoEdk/6pKagpnq7 gSu1MN+r7Q/IBf722Xqi82y9BBV+NlWH967dlqnH3EoxiHK5M6Y7koCdx+9HYrvs Ib1f60ztjAwglxljqjhGVG02wJhwOqvfH2wJb78HKPJ9A3F24Y5bDyxzmB1J2Pjm fT5vYyOXGUIoY4U8062yaqPI6OJedhKgJvYfnFqJCxa88RpB8sPXZlMcsm+2ajSv kA7X7fS7eNj/gPAXgUEkjJaK8r6sDB5MzhRZ1OvJevbRpHR7GYczfAfgFeqJNSEx IleDjdlHzS7T25oRRIFQ =4pvR -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.