oss-sec mailing list archives

A security vulnerability in linux kernel 5.8.10


From: Anthony Liguori <aliguori () amazon com>
Date: Wed, 6 Jan 2021 11:59:28 -0800

The following message was sent to the distros@ list.  Unfortunately, the
sender was not responsive and it's unclear if it's actually an issue.
The report overall did not follow the policies of the list with the
information provided.

Per the distros list policy, we've passed the 14 day mark and even with a
little extra time due to the holiday, this needs to be made public.

Posting follows below.

Regards,

Anthony Liguori

Subject: A security vulnerability in linux kernel 5.8.10
To: security () kernel org
Cc: linux-distros () vs openwall org
Date: Fri, 18 Dec 2020 16:53:59 +0800

From: 梵 <luolikang () nsfocus com>
Sent: 18 December 2020 13:23
To: 'security () kernel org' <security () kernel org>
Subject: change the poc

Sorry, please use this PoC.

From: 梵 <luolikang () nsfocus com>
Sent: 18 December 2020 11:46
To: 'security () kernel org' <security () kernel org>
Subject: A security vulnerability in linux kernel 5.8.10

Hello,
I have found a security vulnerability in Linux kernel 5.8.10. When I use the
DCCP protocol to establish a connection, the kernel will crash.

My analysis is as follows: When the ___slab_alloc function is called, it will
enter the new_slab branch, and new_slab_objects will return a normal
freelist, but in alloc_debug_processing, it will change the second object
ptr in the freelist to an invalid address, and then cause a DoS.

