http://bugzilla.opensuse.org/show_bug.cgi?id=1020429 Bug ID: 1020429 Summary: VUL-0: kernel-source: crash by spawning mcrypt(alg) with incompatible algorithm Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Ref: http://seclists.org/oss-sec/2017/q1/118 ============================================== Hello, Algorithms not compatible with mcryptd could be spawned by mcryptd with a direct crypto_alloc_tfm invocation using a "mcryptd(alg)" name construct. This causes mcryptd to crash the kernel if an arbitrary "alg" is incompatible and not intended to be used with mcryptd. This could be a potential attack to crash the kernel by user program using AF_ALG to request an invalid algorithm such as mcryptd(md5). Initial discussion: https://marc.info/?l=dm-devel&m=148063708010538&w=2 Suggested Patch: http://marc.info/?l=linux-crypto-vger&m=148096718218312&w=2 Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4... Red Hat Product Security Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1404200 Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer ============================================== -- You are receiving this mail because: You are on the CC list for the bug.