Bug 1057478 (CVE-2017-8281)

Summary: VUL-0: CVE-2017-8281: kernel-source: use after free in the recvmmsg exit path
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: E-mail List <kernel-maintainers>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Minor    
Priority: P5 - None CC: smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/191517/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2017-09-06 20:04:27 UTC
rh#1489092

Use after free vulnerability in the recvmmsg exit path was found.

Patch:

https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id%3D9be5b16de622c2426408425e3df29e945cd21d37&sa=D&usg=AFQjCNHuM63XOo5Y0C7bMJQIIedBHSDKjw
Comment 1 Marcus Meissner 2017-09-06 20:06:57 UTC
This is a dup of CVE-2016-7117 in bug 1003077.
Comment 2 Marcus Meissner 2017-09-06 20:09:14 UTC
I filed a DUPLICATION request at Mitre.
Comment 3 Marcus Meissner 2017-09-06 20:16:09 UTC
dup

*** This bug has been marked as a duplicate of bug 1003077 ***