CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam

[Wen Xu <hotdog3645 () gmail com>]

Hi,
Recently we found a use-after-free bug which can lead to kernel arbitrary
execution in Linux kernel.
The bug was reported to the linux security group and it has been fixed.(commit
a134f083e79f ("ipv4: Missing sk_nulls_node_init() in ping_unhash()"). You
can find the fix commit here:
https://github.com/torvalds/linux/commit/6c3c1eb3c35e8856d6dcb01b412316a676f58bbe
The bug exists in all versions of linux kernel. And the credit is to Wen Xu
and wushi of KeenTeam.
I am looking forward to your reply.

Thanks,
Wen Xu @ Keen Team



---------- Forwarded message ----------
From: Willy Tarreau <w () 1wt eu>
Date: 2015-05-02 15:43 GMT+08:00
Subject: Re: Socket Vulnerability Report (Lead to kernel arbitrary
execution) from KeenTeam
To: Wen Xu <hotdog3645 () gmail com>
Cc: Linus Torvalds <torvalds () linux-foundation org>, David Miller <
davem () davemloft net>, "security () kernel org" <security () kernel org>


On Sat, May 02, 2015 at 02:50:32PM +0800, Wen Xu wrote:
> Many thanks, we've already seen the patch commit ;)
> By the way, as security researchers, if we want a CVE number for this ping
> socket bug, where could we request for? What's the routine process for
this?

Now that the fix is public, you should ask oss-security, someone there
should provide you with one.

Thanks,
Willy