New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 793258 link

Starred by 1 user
Status: Duplicate
Merged: issue 789497
Owner:
groeck@chromium.org
Closed: Dec 2017
Cc:
wonderfly@chromium.org
chromeos-kernel-security-bug-access@google.com
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug-Security



Sign in to add a comment

CVE-2017-16994 CrOS: Vulnerability reported in Linux kernel

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Dec 8 2017 
VOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. 

Advisory: CVE-2017-16994
  Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2017-16994
  CVSS severity score: 2.1/10.0
  Description:

The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.



This bug was filed by http://go/vomit
Please contact us at vomit-team@google.com if you need any assistance.

Comment 1 by groeck@chromium.org, Dec 8 2017

Cc: wonderfly@chromium.org
Labels: M-64 Security_Severity-Low Security_Impact-Stable Pri-2
Owner: groeck@chromium.org
Status: Assigned (was: Untriaged)

Comment 2 by groeck@chromium.org, Dec 8 2017

Mergedinto: 789497
Status: Duplicate (was: Assigned)
Upstream commit 373c4557d2aa3 ("mm/pagewalk.c: report holes in hugetlb ranges"). Already fixed.
Project Member

Comment 3 by sheriffbot@chromium.org, Mar 17 2018

Labels: allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment