Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: Linux kernel: arm64: unhandled el0 traps
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 08 Aug 2013 19:22:20 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/08/2013 06:02 PM, Greg KH wrote:
On Thu, Aug 08, 2013 at 03:39:30PM +0530, P J P wrote:
Hi,

Linux kernel built for the ARM64(CONFIG_ARM64) platform is 
vulnerable to a crash when the processor generates trap/esr, that
is not handled gracefully, which leads to bad_mode(), wherein
it'll die() or oops().

A user/program could use this flaw to crash the kernel resulting
in DoS.

Upstream fixes: =============== ->
https://git.kernel.org/linus/381cc2b9705512ee7c7f1839cbdde374625a2a9f


- -> https://git.kernel.org/linus/9955ac47f4ba1c95ecb6092aeaefb40a22e99268

CVE requests for code that can only run on a processor that is not 
shipping yet?  Isn't there a rule somewhere about CVEs not being
allowed for stuff like this?

thanks,

greg k-h


Nope, they are shipping now. Not widely available, but a few more
months will fix that.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJSBERMAAoJEBYNRVNeJnmTxXsQANPLOTc262rGI6ql/qSnopKL
o9ykos218wh+XS1f1JTK38avZFzzv0jw7dkqXwD0pbYCj02XDz30nqv/Wr3HAZav
o+Rw4xUTQFldKcA3YBW51Os595RXIvEFHTT3BWPrz/h0S5DvEnUjJzMksk7GR3EH
p5J5SOHfxV/7kzzCMsY9dKEMoY5EWlUtJ0a9yQSLcJ4L2eh7rTHmXFm0JO+inaUo
liGQKi786GS9Fsvso/Ssey8Z9flcQLJQp+8v0OHemcvXA8gd/T5TL2zJZVcavYAI
sNFYzylRCKq1XkiEK1epllVv3+bgs4Gm7a2lnhQArMiZxtqwHdjA5jW0DAaaxrd+
QYAZKmzC2HyIYn6tcyXclK4gj8ueOuiEvcfF6FYex7XwdFC2CxIZFmPUlDk3M9Ng
FKKkfvxDMFKrUuHFSDWUmXApokBhCBO0//mW0F5mkKX9h1lfQfZjRnc2coH65ZMd
MDsTf2xGd89ONhEzWu+yFSHTvchFjMOaHTZ770qvcrboC+vfP/BM2ImIJ5bvjEr4
Ra5UVfApF6oQGTYk+lEkGPyqYR4mSX6DMLvJCWB+KsOsLRLQd9uHdTKTUWrbF0ye
bOCZhEbFq7dNWkyzy9MhOmPf3YVILxz9OM4qfKa9Ca+IsTWmWnZxfnrD6RZD98GD
EQnzfEWgCnei6aL/GdUi
=KqED
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]