oss-sec mailing list archives
Re: CVE request: Linux kernel: tty: kobject reference leakage in tty_open
From: cve-assign () mitre org
Date: Fri, 13 Mar 2015 19:24:20 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Linux kernel built with the virtual console support(CONFIG_VT) is vulnerable to a NULL pointer dereference issue. It could occur while accessing pseudo terminal device(/dev/pts/*) files. An unprivileged user could use this flaw to crash the system kernel resulting in DoS. https://git.kernel.org/linus/c290f8358acaeffd8e0c551ddcc24d1206143376
TTY: drop driver reference in tty_open fail path When tty_driver_lookup_tty fails in tty_open, we forget to drop a reference to the tty driver. Fix that by adding tty_driver_kref_put to the fail path.
Use CVE-2011-5321. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVA3DXAAoJEKllVAevmvmsFMIH/1Qme8WOCcx7UQK/pwkVuJum Fz040QuNKK+TWi6yWNpXNXsMYRlJVdtGqfQ5MtfyrpxtYs8YNVYVMpce/HTtVByR neYXaOLe1APB/xftf1ohGnzl5J3pYd6b9Rv3dSMLa/Ox/1b+xaUdq+l4r751hX0x NGETRMX/ZGjKn77MAKauSSf1ZnS7Mm19NSfLGXc/Of5VAFTwGJ/1HM7t+p0l2grA kQYTzUqlVs3bC2ff2ACCL9TnT5JmeiUwMYZPa1ahdAvL2c7kShKHo/44ctzgpQQI An3oD26zoSRQe4tqv8URe3bDCVdAyH89R23bsQDC3o8lj/v9Wep4jbTZwP50RJ4= =w+iT -----END PGP SIGNATURE-----
Current thread:
- CVE request: Linux kernel: tty: kobject reference leakage in tty_open P J P (Mar 13)
- Re: CVE request: Linux kernel: tty: kobject reference leakage in tty_open Greg KH (Mar 13)
- Re: CVE request: Linux kernel: tty: kobject reference leakage in tty_open Kurt Seifried (Mar 13)
- Re: CVE request: Linux kernel: tty: kobject reference leakage in tty_open P J P (Mar 16)
- RE: CVE request: Linux kernel: tty: kobject reference leakage in tty_open Mehaffey, John (Mar 13)
- Re: CVE request: Linux kernel: tty: kobject reference leakage in tty_open cve-assign (Mar 13)
- Re: CVE request: Linux kernel: tty: kobject reference leakage in tty_open Greg KH (Mar 13)