oss-sec mailing list archives

CVE request Linux kernel: net: guard tcp_set_keepalive against crash

From: P J P <ppandit () redhat com>
Date: Mon, 15 Sep 2014 17:03:47 +0530 (IST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

   Hello,

Linux kernel built with the Networking support(CONFIG_NET) is vulnerable to a
crash, while resetting a socket timer. It could occur while doing a
setsockopt(SO_KEEPALIVE) call.

A privileged user/process able to create RAW socket could use this flaw to
crash the system kernel resulting in DoS.

Upstream fix:
- -------------
  -> https://git.kernel.org/linus/3e10986d1d698140747fcfc2761ec9cb64c1d582

Reference:
- ----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1141742


Thank you.
- --
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUFs6bAAoJEN0TPTL+WwQfMF0P/3tYlFTCHpF594o/p84wdpyK
KS6LaQIryYcxbZR6Pk28fpSf9bejXcj8RE0+eX2qCtZsCJYa2x8YhxoIppODqe+E
EhMzedgxBlnOyg8xfbi/Mj92uYuf3ipLBMyBdMUUop8rb7cXw3wCEX4rgG+cih5n
3EhlcBJu6qFcpn463CUFtWAkv+pGGYtA1Ts7qNJB1A2BuWWIo0RjnNWO7VpxnFum
b2BE2kVKkWCgT1UtDNFiTl3tOvuCQMjvmqSeFg/VdgWikXHEXjZVtOBi2JMzqkCA
qCJO5A54grC2HwIMvRKcd8JnUqVKdZ7j4oO6KVngEH+jDTrJgilRoQ4goa+g0Ex2
UWiHqF7Z5IdeT2xRsf8bA1yZCHvciJleuVincYw96x70KBDqB4GgafabUaPYVZbw
zwCm5sYB1yGecRjf3ggjIa9W1amJ6WH+R0We7AfK/wU7E0lmKJeQBYYT5i4dB+dg
S4weE7kBYxcyIIJ+76pkTWtG/mbPPV1RTZ4nih9QwgHtMM3Ak0fmuBNhR34w80BL
uj80qFXFs5ADnIpWKiE2091EJOQWrKVj22WVP5IznNGsUKvm7VItwjimfOFZRu32
AlzgjLRl4bq/GxNdLJGnirDW6HainPMIY4kZkdi4C7ItA81odIpdcEMol9QrcJjS
3RwyDR2QPgcqYmYCA3W/
=skE4
-----END PGP SIGNATURE-----

Current thread:

CVE request Linux kernel: net: guard tcp_set_keepalive against crash P J P (Sep 15)
- Re: CVE request Linux kernel: net: guard tcp_set_keepalive against crash cve-assign (Sep 15)