oss-sec mailing list archives
Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read
From: Wade Mealing <wmealing () redhat com>
Date: Fri, 3 Feb 2017 15:52:19 +1000
Gday, I'd like to ask for a CVE for the flaw the EXT4 filesystem as described as: Mounting a crafted EXT4 image read-only leads to a memory corruption and SLAB-Out-of-Bounds Reads (according to KASAN). Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the commandline. Instead the automatic mounting feature of the GUI via a crafted USB-device is required.
From full disclosure at:
http://seclists.org/fulldisclosure/2016/Nov/75 If it has been assigned elsewhere, I am unable to see it. Thanks, Wade Mealing Red Hat Product Security
Current thread:
- Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Wade Mealing (Feb 02)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read John Haxby (Feb 03)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Andreas Stieger (Feb 03)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Wade Mealing (Feb 05)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read cve-assign (Feb 04)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read John Haxby (Feb 03)