avoid use-after-free in ep_remove_wait_queue in kernel-net-unix CVE-2013-7446

Tracked by Jolla (In progress)

asked 2017-08-24 09:32:37 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-09-13 19:29:57 +0300

lpr gravatar image

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

Patch for kernel-3.4 available.

files affected: kernel-adaptation-sbj-3.4.108.20161101.1/include/net/af_unix.h lines 59-64 kernel-adaptation-sbj-3.4.108.20161101.1/net/unix/af_unix.c lines 306 following...

edit retag flag offensive close delete