oss-sec mailing list archives
CVE request -- linux kernel: Null pointer dereference when mounting ext4 filesystem
From: Vladis Dronov <vdronov () redhat com>
Date: Mon, 23 Nov 2015 06:15:57 -0500 (EST)
Hello, If possible, we would like to obtain a CVE-ID for the following security issue. It was reported that there are some exit paths in ext4_fill_super() which result in destruction of workqueue which is not yet initialized, leading to kernel NULL pointer dereference. A privileged user with permission to mount a filesystem or anybody having physical access to the system's USB port and prepared filesystem on USB disk which will be automatically mounted can cause system panic and thus DoS. References: https://bugs.openvz.org/browse/OVZ-6541 - initial public disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1267261 - red hat public bug commit 744692dc059845b2a3022119871846e74d4f6e11 - upstream Linux kernel commit which fixes the issue (only part of the commit is related). Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Current thread:
- CVE request -- [media] usbvision: usbvision_probe() can trigger a kernel NULL pointer dereference Vladis Dronov (Nov 13)
- Re: CVE request -- [media] usbvision: usbvision_probe() can trigger a kernel NULL pointer dereference Vladis Dronov (Nov 13)
- CVE request -- linux kernel: Null pointer dereference when mounting ext4 filesystem Vladis Dronov (Nov 23)