ACK: [PATCH 0/2][T] CVE-2015-8539, CVE-2017-15299 - Multiple issues in the kernel keyring
Stefan Bader
stefan.bader at canonical.com
Thu Sep 27 16:42:54 UTC 2018
On 14.09.2018 20:53, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8539.html
>
> The KEYS subsystem in the Linux kernel before 4.4 allows local users to
> gain privileges or cause a denial of service (BUG) via crafted keyctl
> commands that negatively instantiate a key, related to
> security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and
> security/keys/user_defined.c.
>
> https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-15299
>
> The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of
> add_key for a key that already exists but is uninstantiated, which allows
> local users to cause a denial of service (NULL pointer dereference and
> system crash) or possibly have unspecified other impact via a crafted
> system call.
>
> These patches have been tested with the reproducers for both CVEs as
> well as the test-ecryptfs-utils.py QRT test which makes use of the
> kernel keyring when setting up and decrypting user's home directories.
>
> Tyler
>
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180927/44493486/attachment.sig>
More information about the kernel-team
mailing list