oss-sec mailing list archives
Re: CVE request: Linux kernel: tuntap refuse to re-attach to different tun_struct
From: Petr Matousek <pmatouse () redhat com>
Date: Fri, 10 May 2013 16:25:55 +0200
On Fri, May 10, 2013 at 05:33:37PM +0530, P J P wrote:
Linux kernels built with Universal TUN/TAP device driver(CONFIG_TUN) that includes multiqueue - ioctl(TUNSETQUEUE) - support, is vulnerable to a kernel crash while attaching a device to a new queue. A user/program could use this flaw to crash the system resulting in DoS. Upstream fix: ------------- -> https://git.kernel.org/linus/6e331f4c83021e4de2a2fc4981574b5d5b16c425 -> https://git.kernel.org/linus/7c0c3b1a8a175437991ccc898ed66ec5e4a96208
As both multiqueue support and fix for this issue were committed in 3.8 rc versions ((rc1 and rc4, respectively), please reject this request. Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE request: Linux kernel: tuntap refuse to re-attach to different tun_struct P J P (May 10)
- Re: CVE request: Linux kernel: tuntap refuse to re-attach to different tun_struct Petr Matousek (May 10)