oss-sec mailing list archives
CVE-2017-7874 versus CVE-2009-1185 ?
From: Sebastian Krahmer <krahmer () suse com>
Date: Wed, 19 Apr 2017 11:21:24 +0200
Hi

I stumbled across https://twitter.com/info_dox/status/854372066228932609 that is curious about an udev+kernel exploit (https://packetstormsecurity.com/files/142152/Linux-Kernel-4.8.0-udev-232-Privilege-Escalation.html) which claims to exploit a missing sender-check within udev.

That makes me wonder, as kernel 4.8.0 (and even earlier) no longer allow users to send NETLINK_KOBJECT_UEVENT messages. Our testcases fail, as they should:

https://bugzilla.suse.com/show_bug.cgi?id=1034330

However, MITRE apparently assigned a valid CVE for it:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7874

So either we miss some weird corner case or the CVE is invalid and should be withdrawn?

Sebastian

--
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer () suse com - SuSE Security Team