http://bugzilla.opensuse.org/show_bug.cgi?id=1008374 Bug ID: 1008374 Summary: kernel: crypto: GPF in lrw_crypt caused by null-deref Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Kernel Assignee: kernel-maintainers@forge.provo.novell.com Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Reference: http://seclists.org/oss-sec/2016/q4/324 ======================================================== Hello, We would like to ask for a CVE-ID for the following security flaw. The lrw_crypt() function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept(2) system call for AF_ALG socket without calling setkey() first to set a cipher key. Initial discussion: https://groups.google.com/forum/#!msg/syzkaller/frb2XrB5aWk/xCXzkIBcDAAJ Red Hat Product Security Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1386286 Initial upstream patch (followed by a set of the related patches): https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d... Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer ======================================================== -- You are receiving this mail because: You are on the CC list for the bug.