Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <20150603175834.4FC0D6C004F@smtpvmsrv1.mitre.org>
Date: Wed,  3 Jun 2015 13:58:34 -0400 (EDT)
From: cve-assign@...re.org
To: ppandit@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request Linux kernel: ns: user namespaces panic

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Linux kernel built with the user namespaces support(CONFIG_USER_NS) is
> vulnerable to a NULL pointer dereference flaw. It could occur when users in
> user namespaces do unmount mounts.
> 
> An unprivileged user could use this flaw to crash the system resulting in DoS.
> 
> Upstream fixes:
> ---------------
>    -> https://git.kernel.org/linus/820f9f147dcce2602eefd9b575bbbd9ea14f0953
>    -> https://git.kernel.org/linus/cd4a40174b71acd021877341684d8bb1dc8ea4ae

We feel that this is best covered by two CVE IDs. The
cd4a40174b71acd021877341684d8bb1dc8ea4ae issue seems to be about lack of
state identification (i.e., the state is whether the path is
mounted or unmounted), whereas the 820f9f147dcce2602eefd9b575bbbd9ea14f0953
issue seems to be about lack of internal consistency of a data structure.

We will send the two CVE IDs soon.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVbz/9AAoJEKllVAevmvmsPxQIAJBdaqPsp21s2Z3yzWem8/Jn
s8wC/BTA2XuVshILGaTSdxy97M73r+KEMO7KdVL/V8hrtz6h9F2WJobZOyWEI/UM
pDqzCVspGjeeP0V//otnFfO4nry7Hwz+ZyMz7GLw9xPv0oMuV/We5aSrWzeC1aoc
UKMP8lO3Rua4KvhJKPEzOwyBiQELe7oPUc2VoIcHtec0EPftGvldZXe62yrNXliC
8CYEdCqNF9Q1kHI8fbCknRZupwmOrWtKbYVowoPBOpReObdoEvCWTSGr4xHp+/kY
CBOTi/Pfw5RhyzY9d8pMIKcrRKc+bhgRh6b3bWdVzFHrKB8H80KaLN851LyYsOU=
=xXo+
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.