Bug 1020693 - (CVE-2016-10150) VUL-0: CVE-2016-10150: kernel-source: kvm: use-after-free issue while creating devices
(CVE-2016-10150)
VUL-0: CVE-2016-10150: kernel-source: kvm: use-after-free issue while creatin...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Kernel
Current
Other Other
: P5 - None : Normal (vote)
: Current
Assigned To: E-mail List
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-01-18 17:48 UTC by Mikhail Kasimov
Modified: 2017-01-20 09:20 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Kasimov 2017-01-18 17:48:39 UTC
Ref: http://seclists.org/oss-sec/2017/q1/134
===============================================
  Hello,

Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM) support is vulnerable to a use-after-free flaw. It could occur while creating devices, via ioctl('/dev/kvm', ...) calls.


A user/process could use this flaw to crash the host kernel resulting in DoS or potentially escalate their privileges on a system.


Upstream patch:
---------------
  -> https://git.kernel.org/linus/a0f1d21c1ccb1da66629627a74059dd7f5ac9c61

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1414506

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
===============================================
Comment 1 Andreas Stieger 2017-01-18 22:22:17 UTC
from 4.8, fixed from 4.9-rc8.
Tumbleweed kernel only
Comment 2 Andreas Stieger 2017-01-18 22:26:37 UTC
where it is already fixed