APPLIED: [SRU X/B/D/E/F] CVE-2020-10711
Khaled Elmously
khalid.elmously at canonical.com
Fri Jun 5 05:14:08 UTC 2020
On 2020-05-25 15:24:12, Thadeu Lima de Souza Cascardo wrote:
> Description:
> A NULL pointer dereference issue was found in the Linux kernel's SELinux
> subsystem. It occurs while importing the Commercial IP Security Option
> (CIPSO) protocol's category bitmap into SELinux's extensible bitmap via
> 'ebitmap_netlbl_import' routine. While parsing the CIPSO restricted bitmap
> tag in 'cipso_v4_parsetag_rbm' routine, it sets the security attribute flag
> to indicate that category bitmap is present, even if it has not been
> allocated. This leads to the said NULL pointer dereference issue while
> importing the same category bitmap into SELinux. A remote network user
> could use this flaw to crash the system kernel resulting in DoS scenario.
>
> This was build tested for all series, a clean cherry-pick save for Xenial,
> where IPv6 CALIPSO is not supported.
>
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
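
A user-space model of the flag/pointer mismatch described above, added here as an example; it is not the kernel patch or code from this thread. The struct layout, ATTR_MLS_CAT, parse_tag and import_categories are hypothetical stand-ins, and the model assumes a category map is only allocated once a category bit is set.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define ATTR_MLS_CAT 0x1u /* stand-in for the "category bitmap present" flag */

struct catmap { uint64_t bits; };               /* simplified category bitmap */
struct secattr { unsigned flags; struct catmap *cat; };

/* Model assumption: a catmap is allocated only when a category bit is set,
 * so a tag whose bitmap is all zero leaves cat == NULL. */
static int parse_tag(struct secattr *sa, const uint8_t *bm, size_t len, int hardened)
{
    sa->flags = 0;
    sa->cat = NULL;
    for (size_t i = 0; i < len && i < 8; i++) {
        if (!bm[i])
            continue;
        if (!sa->cat && !(sa->cat = calloc(1, sizeof(*sa->cat))))
            return -1;
        sa->cat->bits |= (uint64_t)bm[i] << (8 * i);
    }
    /* Flawed: flag follows the tag layout. Hardened: flag follows the pointer. */
    if (hardened ? sa->cat != NULL : len > 0)
        sa->flags |= ATTR_MLS_CAT;
    return 0;
}

/* Importer that checks the pointer as well as the flag before reading. */
static int import_categories(const struct secattr *sa, uint64_t *out)
{
    *out = 0;
    if (!(sa->flags & ATTR_MLS_CAT))
        return 0;
    if (!sa->cat)
        return -1; /* flagged but absent: the NULL dereference case */
    *out = sa->cat->bits;
    return 0;
}

int main(void)
{
    const uint8_t zero[2] = { 0, 0 }; /* constructed all-zero bitmap */
    struct secattr sa;
    uint64_t out;
    for (int h = 0; h <= 1; h++) {
        parse_tag(&sa, zero, sizeof(zero), h);
        printf("hardened=%d flag=%u import=%d\n", h, sa.flags, import_categories(&sa, &out));
    }
    return 0;
}
```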