oss-sec mailing list archives

CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb

From: Andrey Konovalov <andreyknvl () google com>
Date: Tue, 22 Nov 2016 10:52:44 +0100

Hi,

There's a bug in the Linux kernel sctp implementation which allows a
remote attacker to trigger a slab-out-of-bounds access with an offset
up to 64K bytes.

The bug was fixed upstream:
https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6

More details are here:
https://groups.google.com/forum/#!topic/syzkaller/pAUcHsUJbjk

Could you assign a CVE for this?

Thanks!

Current thread:

CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb Andrey Konovalov (Nov 22)
- Re: CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb cve-assign (Nov 22)