oss-sec mailing list archives
CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb
From: Andrey Konovalov <andreyknvl () google com>
Date: Tue, 22 Nov 2016 10:52:44 +0100
Hi, There's a bug in the Linux kernel sctp implementation which allows a remote attacker to trigger a slab-out-of-bounds access with an offset up to 64K bytes. The bug was fixed upstream: https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6 More details are here: https://groups.google.com/forum/#!topic/syzkaller/pAUcHsUJbjk Could you assign a CVE for this? Thanks!
Current thread:
- CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb Andrey Konovalov (Nov 22)
- Re: CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb cve-assign (Nov 22)