Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1514609 - (CVE-2017-15116) CVE-2017-15116 kernel: Null pointer dereference in rngapi_reset function
CVE-2017-15116 kernel: Null pointer dereference in rngapi_reset function
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20170828,reported=2...
: Security
: 1490437 (view as bug list)
Depends On: 1519088 1485815 1519089 1519090 1519091 1519092 1519239
Blocks: 1490442 1564094
  Show dependency treegraph
 
Reported: 2017-11-17 16:22 EST by Pedro Sampaio
Modified: 2018-08-28 18:24 EDT (History)
49 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel's random number generator API. A null pointer dereference in the rngapi_reset function may result in denial of service, crashing the system.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:0676 None None None 2018-04-10 04:09 EDT
Red Hat Product Errata RHSA-2018:1062 None None None 2018-04-10 05:33 EDT

  None (edit)
Description Pedro Sampaio 2017-11-17 16:22:50 EST 
A flaw was found in the kernel random number generator api. A null pointer dereference in in rngapi_reset function may result in denial of service.  Crashing the system.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1485815

Upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8fded5925d0a733c46f8d0b5edd1c9b315882b1d
Comment 2 Wade Mealing 2017-11-30 01:14:49 EST 
Statement:

This issue does not affect the Linux kernel packages as shipped with Red Hat
Enterprise Linux 5 and 6 and kernel-alt.

This issue affects the Linux kernel packages as shipped with Red Hat
Enterprise Linux 7 and MRG-2.

Future Linux kernel updates for the respective releases may address this issue.
Comment 4 Pedro Sampaio 2017-11-30 08:41:57 EST 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1519239]
Comment 5 Pedro Sampaio 2017-11-30 08:42:54 EST 
Acknowledgments:

Name: ChunYu Wang (Red Hat)
Comment 8 Marcus Meissner 2017-12-12 05:36:32 EST 
do you have any reference to a patch for this bug?
Comment 9 Wade Mealing 2017-12-12 23:59:14 EST 
As per comment #0, I believe it was fixed in the upstream refactor. It does not affect current upstream.

The simple fix is to put a check in rngapi_reset checking for a slen of 0 then setting seed to null.
Comment 10 Wade Mealing 2018-04-06 02:48:24 EDT 
*** Bug 1490437 has been marked as a duplicate of this bug. ***
Comment 11 errata-xmlrpc 2018-04-10 04:09:12 EDT 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676
Comment 12 errata-xmlrpc 2018-04-10 05:32:46 EDT 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.