oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: Linux kernel: tty: kobject reference leakage in tty_open

From: cve-assign () mitre org
Date: Fri, 13 Mar 2015 19:24:20 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Linux kernel built with the virtual console support(CONFIG_VT) is vulnerable
to a NULL pointer dereference issue. It could occur while accessing pseudo
terminal device(/dev/pts/*) files.

An unprivileged user could use this flaw to crash the system kernel resulting
in DoS.

https://git.kernel.org/linus/c290f8358acaeffd8e0c551ddcc24d1206143376



TTY: drop driver reference in tty_open fail path

When tty_driver_lookup_tty fails in tty_open, we forget to drop a reference to the tty driver.

Fix that by adding tty_driver_kref_put to the fail path. 


Use CVE-2011-5321.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVA3DXAAoJEKllVAevmvmsFMIH/1Qme8WOCcx7UQK/pwkVuJum
Fz040QuNKK+TWi6yWNpXNXsMYRlJVdtGqfQ5MtfyrpxtYs8YNVYVMpce/HTtVByR
neYXaOLe1APB/xftf1ohGnzl5J3pYd6b9Rv3dSMLa/Ox/1b+xaUdq+l4r751hX0x
NGETRMX/ZGjKn77MAKauSSf1ZnS7Mm19NSfLGXc/Of5VAFTwGJ/1HM7t+p0l2grA
kQYTzUqlVs3bC2ff2ACCL9TnT5JmeiUwMYZPa1ahdAvL2c7kShKHo/44ctzgpQQI
An3oD26zoSRQe4tqv8URe3bDCVdAyH89R23bsQDC3o8lj/v9Wep4jbTZwP50RJ4=
=w+iT
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: