Bug 562597 - kernel: ima: fix null pointer dereference
Summary: kernel: ima: fix null pointer dereference
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 562598
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-02-07 15:48 UTC by Eugene Teo (Security Response)
Modified: 2019-09-29 12:34 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-06-21 00:51:19 UTC
Embargoed:

Attachments (Terms of Use)
mainline fix (1.21 KB, patch)
2010-02-07 17:09 UTC, Alexander Viro 		no flags Details | Diff
View All

Description Eugene Teo (Security Response) 2010-02-07 15:48:54 UTC 
Description of problem:
This was introduced in 6c21a7fb4 (v2.6.33-rc1).

It was first reported here http://lkml.org/lkml/2009/12/29/13, and subsequently here http://lkml.org/lkml/2010/2/5/76 (backtraces).

This can be reproduced by running ltp test pipe07.

http://groups.google.com/group/linux.kernel/msg/95986c94ea55c81a.
https://bugzilla.redhat.com/show_bug.cgi?id=562597

Mainline fix: https://bugzilla.redhat.com/show_bug.cgi?id=562597#c3
Comment 1 Eugene Teo (Security Response) 2010-02-07 15:49:08 UTC 
How to mitigate against NULL pointer dereference vulnerabilities?
http://kbase.redhat.com/faq/docs/DOC-20536
Comment 3 Alexander Viro 2010-02-07 17:09:56 UTC 
Created attachment 389395 [details]
mainline fix
Comment 4 Eugene Teo (Security Response) 2010-02-09 08:10:00 UTC 
Upstream patch:
http://git.kernel.org/linus/89068c576bf324ef6fbd50dfc745148f7def202c
Comment 6 Eugene Teo (Security Response) 2010-06-21 00:46:40 UTC 
This patch was not needed as the problem it fixed was not backported from upstream.
Note You need to log in before you can comment on or make changes to this bug.