SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Linux)  >   Linux Kernel Vendors:   kernel.org
Linux Kernel Thread Keyring Leak in keyctl_set_reqkey_keyring() Lets Local Users Consume Excessive Memory Resources
SecurityTracker Alert ID:  1038471
SecurityTracker URL:  http://securitytracker.com/id/1038471
CVE Reference:   CVE-2017-7472   (Links to External Site)
Date:  May 11 2017
Impact:   Denial of service via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.6.29-rc1 to 4.11-rc8
Description:   A vulnerability was reported in the Linux kernel. A local user can consume excessive memory on the target system.

A local user can exploit a flaw in the keyctl_set_reqkey_keyring() function to consume excessive kernel memory resources on the target system.

Impact:   A local user can consume excessive memory resources on the target system.
Solution:   The vendor has issued a source code fix, available at:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b

Vendor URL:  www.kernel.org/ (Links to External Site)
Cause:   Resource error

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 8 2017 (Ubuntu Issues Fix) Linux Kernel Thread Keyring Leak in keyctl_set_reqkey_keyring() Lets Local Users Consume Excessive Memory Resources
Ubuntu has issued a fix for Ubuntu Linux 17.04.
Jun 8 2017 (Ubuntu Issues Fix) Linux Kernel Thread Keyring Leak in keyctl_set_reqkey_keyring() Lets Local Users Consume Excessive Memory Resources
Ubuntu has issued a fix for Ubuntu Linux 16.04 LTS.
Sep 19 2017 (Ubuntu Issues Fix) Linux Kernel Thread Keyring Leak in keyctl_set_reqkey_keyring() Lets Local Users Consume Excessive Memory Resources
Ubuntu has issued a fix for Ubuntu Linux 14.04 LTS.



 Source Message Contents

Subject:  [oss-security] CVE-2017-7472 Linux kernel: KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings

Hello,

A vulnerability was found in the Linux kernel from v2.6.29-rc1 (since
commit d84f4f992cbd) upto v4.11-rc8 (commit c9f838d104). It was found
that keyctl_set_reqkey_keyring() function leaks thread keyring which
allows unprivileged local user to exhaust kernel memory and thus to
cause DoS.

cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
cwe=CWE-400

References:

https://lkml.org/lkml/2017/4/1/235

https://lkml.org/lkml/2017/4/3/724

https://bugzilla.redhat.com/show_bug.cgi?id=1442086

https://bugzilla.novell.com/show_bug.cgi?id=1034862

Upstream patch:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c9f838d104fed6f2f61d68164712e3204bf5271b

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC