Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CLONE_NEWUSER local DoS
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 06 Aug 2013 08:48:01 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/06/2013 08:31 AM, Petr Matousek wrote:
Hello,

spender reported [1] a local DoS triggerable by unprivileged user
when user namespaces are enabled (CONFIG_USER_NS).

[1] https://twitter.com/grsecurity/status/364566062336978944

Reproducer:

b836010000bb00000010cd80ebf2 is for(;;)unshare(1<<28);

Best regards,


Confirmed with Petr that he confirmed this issue. Please use
CVE-2013-4205 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJSAQyhAAoJEBYNRVNeJnmT4B0P/A+XAjTt9KdAWV3cyAGj6YLe
3ew+tsXjVXp94QM0ab2eODKlg1HD82v+yd1l5SjpweqQVcHwAT1kw2vHB4IPcjrT
1G9Rqzt0BSU95vNcpvIiOAjm34s7JBjVe6goItnxOJ53+La2YmzyqI/r3EUIRtfe
TvdO27J9AY7VDnBYtKARZ1QYkxlGNz39H038V06HdtBKLrh+ta88JQDqhoO0gKNq
3Ud4VJy+RFiDOYb3S42v3luPG3sE4lcfTQtrAms+iLlRhI3IeqsuSvF0MQdAfOl7
enIhm3q6gJAYstTJGCwln1/dk/RnzkNzMFDq37vc2s/Fs3G9miIH5DnXH+ecS2Mb
7niBoXJD5J6ahywAQjmpwXyKB6g2RUHpOavpUZqH7PmlO6rp0ABnsohXax0YjFys
4eVb4Cwu2jBoACH4LaziBH7mGcGYwBKFp826yiqQ2S+c8CFThn4of9eYeCwAn/Cp
7MGbCLHlqRx0f+/8eRXZ0F04+EtJRWb7kVW5oyHbq6/aSfeQvoqv/wwAef+TWF4Y
kLGtxpAEoOvKH2I3PiFiJ+gzpM2XNNWTZzLkA6VvhtflsU+a+7/pMd3bNVftA74t
xC4SfscWQvqqBjMtUh66vwH0TJ8XxibX+RMsiD0WitrfGEpRvuf41dntOAqmvw8r
yn21AfyfhYgnp6FR/c9i
=H7i9
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault