oss-sec mailing list archives
kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
From: Vladis Dronov <vdronov () redhat com>
Date: Thu, 13 Oct 2016 08:46:51 -0400 (EDT)
Hello,

It was found that when gcc stack protector is turned on, proc_keys_show() can cause a panic in the Linux kernel due to stack corruption. This happens because xbuf[] is not big enough to hold a 64-bit timeout value rendered as weeks.

CVE-2016-7042 was assigned to this flaw internally by Red Hat. Please use it in the public communications regarding this flaw.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1373966 (patch)
https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch)

Note: Unfortunately, I'm not sure if the patch was already sent to security () kernel org or alike by the patch author.

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer
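Added example, not part of the original message and not kernel code: a user-space C sketch of the sizing problem described above. It measures how many bytes a 64-bit timeout needs when rendered in weeks and formats it with a bounded snprintf(). The unit ladder, the function names and the 12-byte sample buffer are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed unit ladder (seconds, minutes, hours, days, weeks); a
 * simplified model for illustration, not the kernel's source. */
static const struct { uint64_t div; char unit; } ladder[] = {
    { 1, 's' }, { 60, 'm' }, { 60 * 60, 'h' },
    { 60 * 60 * 24, 'd' }, { 60 * 60 * 24 * 7, 'w' },
};

/* Format a remaining lifetime into buf without ever writing past buflen.
 * Returns the bytes required including the NUL; a result larger than
 * buflen means the output was truncated. */
static int render_timeout(char *buf, size_t buflen, uint64_t secs)
{
    size_t i = 0;

    /* Move to the next unit while one exists and the value reaches it. */
    while (i + 1 < sizeof(ladder) / sizeof(ladder[0]) &&
           secs >= ladder[i + 1].div)
        i++;
    return snprintf(buf, buflen, "%" PRIu64 "%c",
                    secs / ladder[i].div, ladder[i].unit) + 1;
}

/* Smallest buffer that holds any 64-bit timeout: measure with a NULL buffer. */
static int worst_case_bytes(void)
{
    return render_timeout(NULL, 0, UINT64_MAX);
}

int main(void)
{
    char small[12];   /* constructed sample size, too short on purpose */
    int need = render_timeout(small, sizeof(small), UINT64_MAX);

    printf("worst case needs %d bytes\n", worst_case_bytes());
    printf("12-byte buffer: need %d, kept \"%s\" (%s)\n", need, small,
           need > (int)sizeof(small) ? "truncated" : "complete");
    return 0;
}
```

The largest 64-bit value divided by the seconds in a week has 14 digits, so the unit suffix and terminating NUL bring the requirement to 16 bytes; an unbounded sprintf() into anything smaller writes past the end of the buffer.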