Issue metadata
Sign in to add a comment
|
CrOS: CVE-2017-8797: Vulnerability reported in Linux kernel |
||||||||||||||||||||||||
Issue descriptionVOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. Advisory: CVE-2017-8797 Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2017-8797 CVSS severity score: 7.8/10.0 Description: The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system. This bug was filed by http://go/vomit Please contact us at vomit-team@google.com if you need any assistance.
,
Jul 14 2017
Upstream: b550a32e60a4 nfsd: fix undefined behavior in nfsd4_layout_verify 05b7278d510a nfsd: fix oops on unsupported operation
,
Jul 14 2017
Enabled in and affects Lakitu kernel (chromeos-4.4).
,
Jul 14 2017
,
Jul 14 2017
Upstream:
f961e3f2acae nfsd: encoders mustn't use uninitialized values in error cases
Already applied.
b550a32e60a4 does not apply to 4.4 kernels.
05b7278d510a does not apply to 4.4 kernels.
,
Oct 22 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by groeck@chromium.org
, Jul 14 2017Status: Assigned (was: Untriaged)
Summary: CrOS: CVE-2017-8797: Vulnerability reported in Linux kernel (was: CrOS: Vulnerability reported in Linux kernel)