We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-11-09 07:56:29 +0200

lpr gravatar image

in packet_do_bind, test fanout with bind_lock held and hold bind lock when rebinding to fanout hook in kernel-packet CVE-2017-15649

net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346. 7.8high

Patches |1| and |2| are available.

File affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/packet/af_packet.c lines 1342-1345; 1351-1354; 2488-2497

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49