oss-sec mailing list archives
Re: CVE Request: Linux kernel: arm64: unhandled el0 traps
From: Greg KH <greg () kroah com>
Date: Thu, 8 Aug 2013 17:02:49 -0700
On Thu, Aug 08, 2013 at 03:39:30PM +0530, P J P wrote:
Hi, Linux kernel built for the ARM64(CONFIG_ARM64) platform is vulnerable to a crash when the processor generates trap/esr, that is not handled gracefully, which leads to bad_mode(), wherein it'll die() or oops(). A user/program could use this flaw to crash the kernel resulting in DoS. Upstream fixes: =============== -> https://git.kernel.org/linus/381cc2b9705512ee7c7f1839cbdde374625a2a9f -> https://git.kernel.org/linus/9955ac47f4ba1c95ecb6092aeaefb40a22e99268
CVE requests for code that can only run on a processor that is not shipping yet? Isn't there a rule somewhere about CVEs not being allowed for stuff like this? thanks, greg k-h
Current thread:
- CVE Request: Linux kernel: arm64: unhandled el0 traps P J P (Aug 08)
- Re: CVE Request: Linux kernel: arm64: unhandled el0 traps Kurt Seifried (Aug 08)
- Re: CVE Request: Linux kernel: arm64: unhandled el0 traps Greg KH (Aug 08)
- Re: CVE Request: Linux kernel: arm64: unhandled el0 traps Kurt Seifried (Aug 08)