Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAKx+4-qZiFB+5NPZCJyTPUY=VkJjmei1J1E+rovApaqQ5+3yqg@mail.gmail.com>
Date: Fri, 11 Dec 2020 11:21:40 +0530
From: Rohit Keshri <rkeshri@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2020-27825 kernel: use-after-free in the ftrace
 ring buffer resizing logic due to a race condition

Hello Team,

Red Hat has identified a vulnerability with the following details.

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux
kernel. There was a race problem in trace_open and resize of cpu buffer
running parallely on different cpus, may cause a denial of service problem
(DOS). This flaw could even allow a local attacker with special user
 privilege to a kernel information leak threat.


'CVE-2020-27825'  was assigned by Red Hat.

Acknowledgements: Adam 'pi3' Zabrocki

Thank you Adam for bringing this to our attention, and your hard work.


Reference:
https://github.com/torvalds/linux/commit/bbeb97464eefc65f506084fd9f18f21653e01137#diff-446a57a3a8781d7d3fb410eb7162dd2002dd363bf1ea936c4fd10397660033e0

Thank You. Regards
..
Rohit Keshri / Red Hat Product Security Team
PGP: OX01BC 858A 07B7 15C8 EF33 BFE2 2EEB 0CBC 84A4 4C2D

secalert@...hat.com for urgent response

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.