lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 1 Dec 2015 02:00:05 +0100
From:	Daniele Fucini <dfucini@...il.com>
To:	netdev@...r.kernel.org
Cc:	jhs@...atatu.com, davem@...emloft.net, spender@...ecurity.net,
	pageexec@...email.hu, re.emese@...il.com
Subject: size overflow in function qdisc_tree_decrease_qlen
 net/sched/sch_api.c

Hello,

I'm using a Grsecurity patched kernel (version 4.2.6-201511282239) and
I'm getting system freezes due to PaX detecting a size overflow in
function qdisc_tree_decrease_qlen net/sched/sch_api.c:769 whenever I use
Transmission BitTorrent client.

On the Grsecurity forum I was told it's probably an unintended integer
underflow that I should report upstream.

Here's the relevant log:
https://gist.github.com/cf54ccbb12ea65e146d4

And here's the thread on Grsecurity forum:
https://forums.grsecurity.net/viewtopic.php?f=3&t=4327

Let me know if there's any other information you need to help debug
this.

Daniele

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ