[PATCH 0/1][SRU][C] CVE-2019-9003 - IPMI use-after-free
Tyler Hicks
tyhicks at canonical.com
Tue Mar 5 15:15:30 UTC 2019
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9003.html
In the Linux kernel before 4.20.5, attackers can trigger a
drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging
for certain simultaneous execution of the code, as demonstrated by a
"service ipmievd restart" loop.
Clean cherry pick. Build logs are clean. Smoke tested by booting the Cosmic
kernel and loading the ipmi_msghandler module.
Tyler
Yang Yingliang (1):
ipmi: fix use-after-free of user->release_barrier.rda
drivers/char/ipmi/ipmi_msghandler.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
2.7.4
More information about the kernel-team
mailing list