oss-sec mailing list archives
Re: CVE request: kernel: Unix sockets kernel panic
From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 10 Nov 2008 13:07:16 -0500 (EST)
====================================================== Name: CVE-2008-5029 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029 Reference: MLIST:[linux-netdev] 20081106 UNIX sockets kernel panic Reference: URL:http://marc.info/?l=linux-netdev&m=122593044330973&w=2 Reference: MLIST:[oss-security] 20081106 CVE request: kernel: Unix sockets kernel panic Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/06/1 Reference: MISC:http://darkircop.org/unix.c Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=470201 Reference: BID:32154 Reference: URL:http://www.securityfocus.com/bid/32154 The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.
Current thread:
- CVE request: kernel: Unix sockets kernel panic Eugene Teo (Nov 06)
- Re: CVE request: kernel: Unix sockets kernel panic Steven M. Christey (Nov 10)
- Re: CVE request: kernel: Unix sockets kernel panic Eugene Teo (Nov 11)
- Re: CVE request: kernel: Unix sockets kernel panic dann frazier (Nov 21)
- Re: CVE request: kernel: Unix sockets kernel panic Eugene Teo (Dec 01)
- Re: CVE request: kernel: Unix sockets kernel panic Steven M. Christey (Dec 03)
- Re: CVE request: kernel: Unix sockets kernel panic dann frazier (Nov 21)