oss-sec mailing list archives

Re: CVE request -- linux kernel: Null pointer dereference when mounting ext4 filesystem


From: cve-assign () mitre org
Date: Mon, 23 Nov 2015 16:27:48 -0500 (EST)

It was reported that there are some exit paths in ext4_fill_super() which result
in destruction of a workqueue which is not yet initialized, leading to a kernel NULL
pointer dereference. A privileged user with permission to mount a filesystem, or
anybody having physical access to the system's USB port and a prepared filesystem
on a USB disk which will be automatically mounted, can cause a system panic and thus
DoS.

https://bugs.openvz.org/browse/OVZ-6541 - initial public disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1267261 - Red Hat public bug

commit 744692dc059845b2a3022119871846e74d4f6e11 - upstream Linux kernel commit
which fixes the issue (only part of the commit is related).

http://ftp.linux.org.uk/pub/linux/linux-2.6/ChangeLog-2.6.34
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11

As far as we can tell, what you mean is that:

  - "[media] usbvision: usbvision_probe() can trigger a kernel NULL
    pointer dereference" in the "Thread-Topic" header of your message
    is completely unrelated to the vulnerability. That header
    apparently originated in a message you composed a few weeks ago.

  - this is an ext4 issue that was fixed in 2.6.34 in May 2010

  - the possible security relevance wasn't publicly described until
    2015

Use CVE-2015-8324.

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
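
The failure mode described in the message, modelled in userspace C as an added example (not kernel code and not taken from the upstream commit): an init routine whose single error label tears down a workqueue that the early exit paths never created, beside a staged unwind. All struct, function and enum names are hypothetical stand-ins.

```c
#include <stdlib.h>
/* Userspace model of the error-path shape; all names are hypothetical. */
struct wq { int pending; };
struct sb_info { void *journal; struct wq *wq; };
enum fail_at { FAIL_NONE, FAIL_JOURNAL, FAIL_WQ, FAIL_ROOT };
static int null_destroys;   /* teardown calls that were handed NULL */

static void wq_destroy(struct wq *wq) {
    if (!wq) { null_destroys++; return; }   /* kernel code would oops here */
    free(wq);
}

/* Flawed shape: every failure jumps to one label that assumes the wq exists. */
static int fill_super_flawed(enum fail_at f) {
    struct sb_info sbi = { NULL, NULL };
    int ret = -1;
    if (f == FAIL_JOURNAL) goto failed;                    /* wq not created yet */
    sbi.journal = malloc(1);
    if (f != FAIL_WQ) sbi.wq = calloc(1, sizeof(*sbi.wq));
    if (!sbi.wq) goto failed;                              /* creation failed */
    if (f != FAIL_ROOT) ret = 0;        /* model: mounted, then torn down below */
failed:
    wq_destroy(sbi.wq);                                    /* unconditional */
    free(sbi.journal);
    return ret;
}

/* Staged unwind: each label releases only what existed before the jump. */
static int fill_super_fixed(enum fail_at f) {
    struct sb_info sbi = { NULL, NULL };
    int ret = -1;
    if (f == FAIL_JOURNAL) goto out;
    sbi.journal = malloc(1);
    if (f != FAIL_WQ) sbi.wq = calloc(1, sizeof(*sbi.wq));
    if (!sbi.wq) goto free_journal;
    if (f != FAIL_ROOT) ret = 0;
    wq_destroy(sbi.wq);
free_journal:
    free(sbi.journal);
out:
    return ret;
}

/* Count NULL teardowns produced by one simulated mount attempt. */
static int null_destroys_for(int (*mount_fn)(enum fail_at), enum fail_at f) {
    null_destroys = 0;
    mount_fn(f);
    return null_destroys;
}
```

In the model, only the two exits taken before the workqueue exists reach the teardown with NULL; a late failure is handled correctly by both versions, which is why such a path can go unnoticed until a malformed filesystem forces the early exit.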

