Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <nycvar.YSQ.7.76.2004152346280.69262@xnncv>
Date: Wed, 15 Apr 2020 23:50:51 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
Subject: CVE-2020-10942 Kernel: vhost-net: stack overflow in get_raw_socket
 while checking sk_family field

   Hello,

A stack buffer overflow issue was found in the get_raw_socket() routine of the 
Host kernel accelerator for virtio net (vhost-net) driver. It could occur 
while doing an ioctl(VHOST_NET_SET_BACKEND) call and retrieving socket name in 
a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2) 
calls on the '/dev/vhost-net' device may use this flaw to crash the kernel 
resulting in DoS issue.

Upstream patch:
   -> https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64

Reference:
   -> https://lkml.org/lkml/2020/2/15/125

CVE-2020-10942 assigned via -> https://cveform.mitre.org/

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.