|Summary:||sys-kernel/gentoo-sources: denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls|
|Product:||Gentoo Security||Reporter:||Christopher Díaz Riveros (RETIRED) <chrisadr>|
|Component:||Kernel||Assignee:||Gentoo Kernel Security <security-kernel>|
|Package list:||Runtime testing required:||---|
Description Christopher Díaz Riveros (RETIRED) 2017-07-12 19:13:54 UTC
From $URL:

Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.

References:
https://github.com/torvalds/linux/commit/a0f1d21c1ccb1da66629627a74059dd7f5ac9c61
http://www.securityfocus.com/bid/95672 BID 95672 Linux Kernel CVE-2016-10150 Denial of Service Vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1414506
http://www.openwall.com/lists/oss-security/2017/01/18/10
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0f1d21c1ccb1da66629627a74059dd7f5ac9c61
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.13 CONFIRM
Comment 1 dwfreed 2017-07-12 19:50:09 UTC
This bug does not exist in any currently available gentoo-sources version. The fixed kernel was released 7 months ago, and the only stable branch that contained this bug was EOLed 6 months ago.
Comment 2 Christopher Díaz Riveros (RETIRED) 2017-07-12 20:43:52 UTC
It would be a good idea to clean the metadata from the package. I didn't know which one of them is still stable, thanks.
Comment 3 Kristian Fiskerstrand 2017-07-13 15:41:55 UTC
(In reply to dwfreed from comment #1)
> This bug does not exist in any currently available gentoo-sources version.
> The fixed kernel was released 7 months ago, and the only stable branch that
> contained this bug was EOLed 6 months ago.

For posterity (it would be helpful if comments like these were specific to begin with); I take it by EOLed you mean upstream? Would you happen to have information in which versions of the various stable branches this is fixed in? and if we still have a branch stable that is EOLed we likely want to consider a package mask, or at least cleaning the versions from the gentoo repository.