oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request: Linux kernel: tty: kobject reference leakage in tty_open

From: P J P <ppandit () redhat com>
Date: Fri, 13 Mar 2015 23:30:23 +0530 (IST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

  Hello,

Linux kernel built with the virtual console support(CONFIG_VT) is vulnerable
to a NULL pointer dereference issue. It could occur while accessing pseudo
terminal device(/dev/pts/*) files.

An unprivileged user could use this flaw to crash the system kernel resulting
in DoS.

Upstream fix:
- -------------
  -> https://git.kernel.org/linus/c290f8358acaeffd8e0c551ddcc24d1206143376


Thank you.
- --
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVAyW3AAoJEN0TPTL+WwQfOCAP/3z7CRPQj4glHgVFdkxuzk1/
xlXwJJTRYlVDWe2F/lCbeP+jzQne37MzVl8Qma4OA2iAuySsRUQvjkc/6mMB6j+6
9LVg0XV6hlZl0oFmxcWbQlNQLuhJsHOPja863aNvKoDZbh6mVIGi98BOaBjeMQUd
Y81pGh5+BFYVk6hhcWPA2Zxok/MW+HN/JjvDqQReILsL5ApqRAxw0EBmZ3YpWBYL
oxdRUT2FoRTKB5FFEgm6KAQdTSc9iqnH/QUTE4/s5wMCy20lb6j9bIk7pKkE6VmA
XLwtioC/ttNR/Npe2kPXHm3KG4MH8Uftjd3IYdtJeJ7vjjgmPY3jAZZm/dBECWRZ
Q9waGh9k8t6pEhaCz4jql21m1uoHLritnrLuAz56dOfh3R6TS46QEKqf7IgaqZ41
psgQQKmX3gy9lyWoWdcWYgCvg5QJaW2lVotTTbCbSs/qfNmqJo2nMzTVL5UxTYic
Adj0Y3KvrkIbAjEdyaNmwOMqH2pq8LUb87wDlD4DD7pRzZDFV6vzXA7wL5Za7VOr
S8t3VvFfsMPUW+Y2zTdahWiGkgiQXxmFhaOC9KeSWFmgpxDQjJSPtdFdlRdu6gtX
9ZXd7JSkwcFPujAFJ4SHI67ilo1rnqh3n6HZqOtaKTQCn6L7Mnn3ht/vumkxQpbF
qjvQJOX+4OcFRe025MOM
=ZQtV
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: