ACK: [SRU X/B/D/E/F] CVE-2020-10711
Stefan Bader
stefan.bader at canonical.com
Tue May 26 07:07:13 UTC 2020
On 25.05.20 20:24, Thadeu Lima de Souza Cascardo wrote:
> Description:
> A NULL pointer dereference issue was found in the Linux kernel's SELinux
> subsystem. It occurs while importing the Commercial IP Security Option
> (CIPSO) protocol's category bitmap into SELinux's extensible bitmap via
> 'ebitmap_netlbl_import' routine. While parsing the CIPSO restricted bitmap
> tag in 'cipso_v4_parsetag_rbm' routine, it sets the security attribute flag
> to indicate that category bitmap is present, even if it has not been
> allocated. This leads to the said NULL pointer dereference issue while
> importing the same category bitmap into SELinux. A remote network user
> could use this flaw to crash the system kernel resulting in DoS scenario.
>
> This was built tested for all series, a clean cherry-pick save for Xenial,
> where IPv6 CALIPSO is not supported.
>
>
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20200526/a3a32cb3/attachment.sig>
More information about the kernel-team
mailing list