oss-sec mailing list archives
CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c
From: Vladis Dronov <vdronov () redhat com>
Date: Fri, 11 Nov 2016 07:51:26 -0500 (EST)
Hello, Let me please inform that it was discovered by Marco Grassi <marco.gra () gmail com> (many thanks) that the Linux kernels since at least v4.0 are crashing in tcp_collapse() after making a number of certain syscalls. RHEL-7 kernels (3.10.0-xxx) are not vulnerable. Also, the upstream kernels since v4.9-rc1 are not vulnerable too, as they have the commit c9c3321257. Unfortunately, this commit is not fix, but just a workaround. I'm not aware of any fix as of now. CVE-2016-8645 was assigned to this flaw internally by the Red Hat, please, use this CVE-ID in communications regarding this flaw. Discussion at stable@: http://www.spinics.net/lists/stable/msg150470.html Discussion at netdev@: http://www.spinics.net/lists/netdev/msg403701.html http://marc.info/?l=linux-netdev&m=147878925724283&w=2 http://marc.info/?t=147878927800005&r=1&w=2 # the whole thread Red Hat public BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1393904 Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Current thread:
- CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Vladis Dronov (Nov 11)
- Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Vladis Dronov (Nov 11)
- Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Vladis Dronov (Nov 16)
- Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Vladis Dronov (Nov 30)
- Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Vladis Dronov (Nov 16)
- Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c Vladis Dronov (Nov 11)