Bug 1422138 (CVE-2017-5967) - CVE-2017-5967 kernel: Time subsystem allows local users to discover real PID values
Summary: CVE-2017-5967 kernel: Time subsystem allows local users to discover real PID ...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2017-5967
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1422140 1422919 1422920
Blocks: 1422139
TreeView+ depends on / blocked
 
Reported: 2017-02-14 14:47 UTC by Andrej Nemec
Modified: 2019-09-29 14:07 UTC (History)
34 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The time subsystem in the Linux kernel, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by reading the /proc/timer_list file, related to the print_timer function in kernel/time/timer_list.c and the __timer_stats_timer_set_start_info function in kernel/time/timer.c.
Clone Of:
Environment:
Last Closed: 2017-02-22 12:53:45 UTC


Attachments (Terms of Use)

Description Andrej Nemec 2017-02-14 14:47:03 UTC
The time subsystem in the Linux kernel, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by reading the /proc/timer_list file, related to the print_timer function in kernel/time/timer_list.c and the __timer_stats_timer_set_start_info function in kernel/time/timer.c.

Initial discussion:

https://www.spinics.net/lists/kernel/msg2436969.html

Upstream bug:

https://bugzilla.kernel.org/show_bug.cgi?id=193921

Upstream patch:

http://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=dfb4357da6ddbdf57d583ba64361c9d792b0e0b1

Comment 1 Andrej Nemec 2017-02-14 14:50:52 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1422140]

Comment 6 Vladis Dronov 2017-02-17 09:55:22 UTC
Statement:

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.


Note You need to log in before you can comment on or make changes to this bug.