oss-sec mailing list archives

CVE Request: Linux kernel: arm64: unhandled el0 traps

From: P J P <ppandit () redhat com>
Date: Thu, 8 Aug 2013 15:39:30 +0530 (IST)

Hi,

Linux kernel built for the ARM64(CONFIG_ARM64) platform is vulnerable to acrash when the processor generates trap/esr, that is not handled gracefully,which leads to bad_mode(), wherein it'll die() or oops().


A user/program could use this flaw to crash the kernel resulting in DoS.

Upstream fixes:
===============
 -> https://git.kernel.org/linus/381cc2b9705512ee7c7f1839cbdde374625a2a9f
 -> https://git.kernel.org/linus/9955ac47f4ba1c95ecb6092aeaefb40a22e99268

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team
DB7A 84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B

Current thread:

CVE Request: Linux kernel: arm64: unhandled el0 traps P J P (Aug 08)
- Re: CVE Request: Linux kernel: arm64: unhandled el0 traps Kurt Seifried (Aug 08)
- Re: CVE Request: Linux kernel: arm64: unhandled el0 traps Greg KH (Aug 08)
  - Re: CVE Request: Linux kernel: arm64: unhandled el0 traps Kurt Seifried (Aug 08)