oss-sec mailing list archives
Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam
From: cve-assign () mitre org
Date: Sat, 2 May 2015 11:28:17 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
https://github.com/torvalds/linux/commit/a134f083e79fb4c3d0a925691e732c56911b4326
... networking fixes ... 6) Unhash ping sockets properly.
a use-after-free bug which can lead to kernel arbitrary execution in Linux kernel
to trigger the bug you need direct access to a ping socket
For linux PC, the normal user does not have the privilege to create a icmp(ping) socket
we've successfully seen the potential that we can take advantage of this bug to achieve privilege escalation (root) on android
Use CVE-2015-3636. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVROvqAAoJEKllVAevmvmsyW4H/A4+sd5as/co6gUwbk8Nk0K8 +zA0YuvAVzHWaCPgcZixhPUJRtxT//cUHQaMBVSHCXECR6cdlvCWiD8z1AzsI3wX ECaMt7jJ1pdjXnuOfr8Fb4Qhu3JYfC4pVFspVOGb1Uk92XeICWBx7VdueRS1uisZ rpfgtgrsXiB4k5gRhP5M6pDzQzE1jlq1nA6Bqdq794YbrKwiU/F48h8uapKktZV2 acw6dsEgnPd2fnQEWWQ2KkS535DbFwbql/E9Zbknk+h+L6RGTiD69Qw6HgosCb49 ltzaJMKdF+KBGCJW4NLQbEH7hwzIvV4SRsUoKHv7TQM81OutzrEOo1UOSvkR+Ok= =FVXv -----END PGP SIGNATURE-----
Current thread:
- CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Wen Xu (May 02)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Solar Designer (May 02)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Wen Xu (May 02)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Solar Designer (May 02)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Vasily Kulikov (May 06)
- Linux kernel pointer poisoning (was: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam) Vasily Kulikov (May 07)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Wen Xu (May 02)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam cve-assign (May 02)
- Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam Solar Designer (May 02)