[Bug 1004517] New: CVE-2016-7042: kernel: Stack corruption while reading /proc/keys
http://bugzilla.opensuse.org/show_bug.cgi?id=1004517 Bug ID: 1004517 Summary: CVE-2016-7042: kernel: Stack corruption while reading /proc/keys Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- References: [1] http://seclists.org/oss-sec/2016/q4/115 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1373966 [3] https://security-tracker.debian.org/tracker/CVE-2016-7042 [1]: ================================================== Hello, It was found that when gcc stack protector is turned on, proc_keys_show() can cause a panic in the Linux kernel due to the stack corruption. This happens because xbuf[] is not big enough to hold a 64-bit timeout value rendered as weeks. CVE-2016-7042 was assigned to this flaw internally by the Red Hat. Please, use it in the public communications regarding this flaw. References: https://bugzilla.redhat.com/show_bug.cgi?id=1373966 (patch) https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch) Note: Unfortunately, I'm not sure if the patch was already sent to security () kernel org or alike by the patch author. Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer ================================================== [2]: ================================================== It was found that when gcc stack protector is turned on, proc_keys_show() can cause a panic due to stack corruption. This happens because xbuf[] is not big enough to hold a 64-bit timeout rendered as weeks. ================================================== -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1004517
Mikhail Kasimov
participants (1)
-
bugzilla_noreply@novell.com