Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8

[Eyal Itkin <eyal.itkin () gmail com>]

Hello,

The security patch was deployed yesterday in the official git repository of
linux, after the fix was reviewed and approved by me.
Therefore, CVE 2016-8633 can now be publicly disclosed.

Commit id of the fix:
    667121ace9dbafb368618dbabcf07901c962ddac
    https://git.kernel.org/linus/667121ace9db

Commit id of the mainline merge:
    03daa36f089f31002a2d0fb22088d3ebe3e28d98
    https://git.kernel.org/linus/03daa36f089f

Public disclosure details in my security blog:
    https://eyalitkin.wordpress.com/2016/11/06/cve-
publication-cve-2016-8633/

P.S. I CCed oss-security since in a second CVE (not public yet) I was told
by your colleague to send the publication request to oss-security.

Thanks for your help,
Eyal Itkin.

On Thu, Nov 3, 2016 at 1:03 PM, Red Hat Product Security <
secalert () redhat com> wrote:

> On Wed Nov 02 22:41:25 2016, eyal.itkin () gmail com wrote:
> > Hello,
> >
> > In a short security audit i made to the firewire driver in the linux
> > kernel, version 4.8, I found severe security vulnerabilities.
> >
> > After contacting security () kernel org, the driver's contributors have
> > confirmed my findings and have written a patch that fixes the
> > vulnerability:
> >
> > http://git.kernel.org/cgit/linux/kernel/git/ieee1394/
> > linux1394.git/commit/?h=testing&id=ff89027279ec57d69797cbae7c6816
> 72f1dbea71
> > [...]
>
> Hello Eyal,
>
> Thank you for reporting this issue and for your extensive analysis.
> Please, use
> CVE-2016-8633 for this issue. We'll treat this issue as embargoed for now.
>
> Best Regards,
>
> --
> Adam Mariš / Red Hat Product Security