[<prev] [next>] [day] [month] [year] [list]
Message-ID: <87k201ynu5.wl-wmealing@redhat.com>
Date: Thu, 12 Oct 2017 14:47:14 +1000
From: Wade Mealing <wmealing@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2017-12192 kernel: NULL pointer dereference due to KEYCTL_READ on negative key
Gday,
A vulnerability in the Key Management sub component was found in the Linux
kernel. Trying to KEYTCL_READ on negative key would lead to a NULL pointer
dereference. A local attacker could use this flaw to crash the kernel.
It looks as though the read primitive is limited to a fixed address so this
has very limited use as an arbitrary read primitive to leverage for another
exploit.
Fixed by:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=37863c43b2c6464f252862bf2e9768264e961678
Introduced by:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61ea0c0ba904a55f55317d850c1072ff7835ac92
Wade Mealing
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
