Bug 1218879 (CVE-2015-4170)
Summary: | CVE-2015-4170 kernel: pty layer race condition on tty ldisc shutdown. | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Wade Mealing <wmealing> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | agordeev, aquini, arm-mgr, bhu, blc, carnil, dhoward, esammons, fhrbata, gansalmon, hannsj_uhl, iboverma, itamar, jforbes, jkacur, joelsmith, jonathan, jross, jwboyer, kernel-maint, kernel-mgr, lgoncalv, lwang, madhu.chinakonda, matt, mchehab, mcressma, mguzik, mlangsdo, nmurray, pholasek, plougher, pmatouse, rt-maint, rvrbovsk, slawomir, slong, vdronov, vgoyal, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | A flaw was discovered in the way the Linux kernel's TTY subsystem handled the tty shutdown phase. A local, unprivileged user could use this flaw to cause denial of service on the system by holding a reference to the ldisc lock during tty shutdown, causing a deadlock. |
Last Closed: | 2016-07-12 15:14:10 UTC | Type: | --- |
Bug Depends On: | 1183479, 1248300, 1248301, 1248302, 1278751, 1332164, 1343555 | ||
Bug Blocks: | 1188620 |
Description
Wade Mealing
2015-05-06 06:29:14 UTC
Statement:

This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5, 6. This issue affects the Linux kernel packages kernel as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2.

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2015:2411 https://rhn.redhat.com/errata/RHSA-2015-2411.html

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2015:2152 https://rhn.redhat.com/errata/RHSA-2015-2152.html

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7.1 Extended Update Support

Via RHSA-2016:1395 https://access.redhat.com/errata/RHSA-2016:1395