oss-sec mailing list archives
Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read
From: John Haxby <john.haxby () oracle com>
Date: Fri, 3 Feb 2017 11:29:20 +0000
On 03/02/17 05:52, Wade Mealing wrote:
Mounting a crafted EXT4 image read-only leads to a memory corruption and SLAB-Out-of-Bounds Reads (according to KASAN). Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the commandline. Instead the automatic mounting feature of the GUI via a crafted USB-device is required. From full disclosure at: http://seclists.org/fulldisclosure/2016/Nov/75 If it has been assigned elsewhere, I am unable to see it.
The bugzilla link from the above isn't accessible. Are we missing any useful information? jch
Current thread:
- Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Wade Mealing (Feb 02)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read John Haxby (Feb 03)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Andreas Stieger (Feb 03)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read Wade Mealing (Feb 05)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read cve-assign (Feb 04)
- Re: Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read John Haxby (Feb 03)