oss-sec mailing list archives

cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel

From: CAI Qian <caiqian () redhat com>
Date: Mon, 11 Jul 2016 13:49:51 -0400 (EDT)

I am requesting a CVE for this flaw.

An unprivileged user could run an exploit using rename syscall on
overlayfs on top of xfs to crash the kernel caused a denial of
service.

Exploit:
https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/syscalls/rename/rename13.c

Patch can be found here with more in depth description,
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d5ca871e72f2bb172ec9323497f01cd5091ec7
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9409e22acdfc9153f88d9b1ed2bd2a5b34d2d3ca
   CAI Qian

Current thread:

cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel CAI Qian (Jul 11)
- Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel cve-assign (Jul 11)