oss-sec mailing list archives

Re: Re: linux kernel do_blockdev_direct_IO invalid memory access


From: Greg KH <greg () kroah com>
Date: Wed, 12 Oct 2016 07:57:36 +0200

On Tue, Oct 11, 2016 at 12:27:08PM -0400, cve-assign () mitre org wrote:
> BUG: KASAN: wild-memory-access on address 0005080000000000
> https://gist.github.com/marcograss/40850adb3c599ac38e0beac31617d56b
>
>   int fd = open("./hurrdurr", O_APPEND|O_RDWR|0x40);
>   fcntl(fd, 4, 0x44000, 0, 0, 0);
>   fallocate(fd, 0, 0x21, 0xafa6);
>   sendfile(fd, fd, &offset, 0x800);
>
> Use CVE-2016-8601.

That was fast, and pointless, as the bug has never been in a -rc kernel
release, and is currently fixed in Linus's tree.

So please mark this CVE as "unused" or however you withdraw a CVE, as it
doesn't affect anyone.

thanks,

greg k-h

