oss-sec mailing list archives
Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation
From: Marc Kleine-Budde <mkl () pengutronix de>
Date: Fri, 28 May 2021 18:19:30 +0200
On 28.05.2021 17:41:03, Oliver Hartkopp wrote:
this patch ("can: isotp: prevent race between isotp_bind() and isotp_setsockopt()") has hit Linus' tree ~36h ago: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/can?id=2b17c400aeb44daf041627722581ade527bb3c1d It has a CVE number and is potentially exploitable - but it was not in the latest batch of stable kernels about ~4h ago. It was obviously not tagged properly for stable kernels but has a fixes-tag:
Oh - there was a change if networking stable handling: | dbbe7c962c3a docs: networking: drop special stable handling I've missed the memo, sorry. regards, Marc -- Pengutronix e.K. | Marc Kleine-Budde | Embedded Linux | https://www.pengutronix.de | Vertretung West/Dortmund | Phone: +49-231-2826-924 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Attachment:
signature.asc
Description:
Current thread:
- Linux kernel: net/can/isotp: race condition leads to local privilege escalation Norbert Slusarek (May 11)
- Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation Salvatore Bonaccorso (May 11)
- Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation Norbert Slusarek (May 13)
- Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation Solar Designer (May 14)
- Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation Oliver Hartkopp (May 28)
- Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation Marc Kleine-Budde (May 28)
- Re: Linux kernel: net/can/isotp: race condition leads to local privilege escalation Greg Kroah-Hartman (May 29)