lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <20200320234513.9b05abe1ade85712db2d6478@linux-foundation.org>
Date:   Fri, 20 Mar 2020 23:45:13 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Entropy Moe <3ntr0py1337@...il.com>
Cc:     Randy Dunlap <rdunlap@...radead.org>, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org
Subject: Re: KASAN: stack-out-of-bounds Write in mpol_to_str

On Fri, 20 Mar 2020 12:36:38 +0400 Entropy Moe <3ntr0py1337@...il.com> wrote:

> Hello Randy,
> please see attached POC for the vulnerability.
> 

Thanks.  Ouch.  afaict shmem's S_IFREG inode's mpol's preferred_node is
messed up.

I don't think anyone has worked on this code in a decade or more.  Is
someone up to taking a look please?


> On Mon, Mar 16, 2020 at 10:46 PM Randy Dunlap <rdunlap@...radead.org> wrote:
> 
> > On 3/15/20 12:57 PM, Entropy Moe wrote:
> > > Hello team,
> > > how are you ?
> > > I wanted to report a bug on mempolicy.c. I found the bug on the latest
> > version of the kernel.
> > >
> > > which is stack out of bound vulnerability.
> > >
> > > I am attaching  report.
> > >
> > > If you need the POC crash code, I can provide.
> >
> > Hi Moe,
> >
> > Please post the POC code and your kernel .config file.
> >
> > thanks.
> > --
> > ~Randy
> >
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ