ACK: [SRU X/B/D/E/F] CVE-2020-10711
Andrea Righi
andrea.righi at canonical.com
Tue May 26 07:14:33 UTC 2020
On Mon, May 25, 2020 at 03:24:12PM -0300, Thadeu Lima de Souza Cascardo wrote:
> Description:
> A NULL pointer dereference issue was found in the Linux kernel's SELinux
> subsystem. It occurs while importing the Commercial IP Security Option
> (CIPSO) protocol's category bitmap into SELinux's extensible bitmap via
> 'ebitmap_netlbl_import' routine. While parsing the CIPSO restricted bitmap
> tag in 'cipso_v4_parsetag_rbm' routine, it sets the security attribute flag
> to indicate that category bitmap is present, even if it has not been
> allocated. This leads to the said NULL pointer dereference issue while
> importing the same category bitmap into SELinux. A remote network user
> could use this flaw to crash the system kernel resulting in DoS scenario.
>
> This was built tested for all series, a clean cherry-pick save for Xenial,
> where IPv6 CALIPSO is not supported.
Looks good to me.
Acked-by: Andrea Righi <andrea.righi at canonical.com>
More information about the kernel-team
mailing list