oss-sec mailing list archives
Re: Security issue in Linux Kernel Keyring (CVE-2015-1333)
From: Tyler Hicks <tyhicks () canonical com>
Date: Tue, 28 Jul 2015 12:26:33 -0500
On 2015-07-27 09:18:55, Tyler Hicks wrote:
While improving the system call coverage in stress-ng[1], Colin Ian King discovered a bug in the Linux kernel keyring that can be used to cause a local denial of service due to memory exhaustion when the same key is repeatedly added to the kernel keyring via the add_key() syscall. This issue has been assigned CVE-2015-1333.
mancha pinged me on IRC while trying to figure out what kernel versions are affected and I realized that I forgot to include an import detail in my original email. The following commit introduced the issue: commit 034faeb9ef390d58239e1dce748143f6b35a0d9b Date: Wed Oct 30 11:15:24 2013 +0000 KEYS: Fix keyring quota misaccounting on key replacement and unlink Which means that v3.13 and newer kernels are affected: $ git describe --contains 034faeb9ef390d58239e1dce748143f6b35a0d9b v3.13-rc1~18^2~6^2~2 Tyler
Attachment:
signature.asc
Description: Digital signature
Current thread:
- Security issue in Linux Kernel Keyring (CVE-2015-1333) Tyler Hicks (Jul 27)
- Re: Security issue in Linux Kernel Keyring (CVE-2015-1333) Tyler Hicks (Jul 28)