Bug 1433252 (CVE-2017-6951)
Summary: | CVE-2017-6951 kernel: NULL pointer dereference in keyring_search_aux function | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | aquini, bhu, carnil, dhoward, dhowells, fhrbata, gansalmon, hannsj_uhl, htaira, hwkernel-mgr, iboverma, ichavero, itamar, jforbes, jkacur, jonathan, jross, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, madhu.chinakonda, matt, mchehab, mcressma, nmurray, pholasek, plougher, rt-maint, rvrbovsk, slawomir, vdronov, williams, wmealing, yozone | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: |
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allows local users to cause a denial of service via a request_key system call for the "dead" key type.
|
Story Points: | --- | ||||
Clone Of: | Environment: | ||||||
Last Closed: | 2019-06-08 03:09:06 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1439264, 1471601, 1471602, 1471603, 1471604, 1471605, 1471606, 1471607, 1476140, 1476141, 1476142, 1490917 | ||||||
Bug Blocks: | 1433253 | ||||||
Attachments: |
|
Description
Andrej Nemec
2017-03-17 08:09:55 UTC
Created attachment 1268882 [details]
Fix to rename the 'dead' type to '.dead' to make syscalls reject the name
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1471601] Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases may address this issue. This was fixed upstream in 4.11 kernels, and backported to 4.10.13 stable series. The fix was pushed to all Fedora releases with 4.10.13 on 2017-05-04. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842 This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669 |