oss-sec mailing list archives
Re: Linux kernel 2.6.0 to 4.12-rc4 infoleak due to a data race in ALSA timer
From: Alexander Potapenko <glider () google com>
Date: Tue, 20 Jun 2017 17:35:00 +0200
On Tue, Jun 13, 2017 at 5:18 PM, Adam Maris <amaris () redhat com> wrote:
https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728For reference, CVE-2017-1000380 was assigned for this issue. Regards, -- Adam Mariš, Red Hat Product Security 1CCD 3446 0529 81E3 86AF 2D4C 4869 76E7 BEF0 6BC2
Please find the PoC exploit attached. -- Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Straße, 33 80636 München Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg
Attachment:
snd_timer.c
Description:
Current thread:
- Linux kernel 2.6.0 to 4.12-rc4 infoleak due to a data race in ALSA timer Alexander Potapenko (Jun 12)
- Re: Linux kernel 2.6.0 to 4.12-rc4 infoleak due to a data race in ALSA timer Adam Maris (Jun 13)
- Re: Linux kernel 2.6.0 to 4.12-rc4 infoleak due to a data race in ALSA timer Alexander Potapenko (Jun 20)
- Re: Linux kernel 2.6.0 to 4.12-rc4 infoleak due to a data race in ALSA timer Adam Maris (Jun 13)