<!--X-Body-Begin-->
<!--X-User-Header-->
oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: CVE-2020-35519 Linux kernel: x25_bind out-of-bounds read
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Salvatore Bonaccorso <carnil () debian org>
Date: Thu, 18 Mar 2021 07:04:00 +0100
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Hi,
On Wed, Mar 17, 2021 at 05:14:57PM -0400, Sasha Levin wrote:
On Thu, Mar 18, 2021 at 01:20:18AM +0530, Rohit Keshri wrote:
Hello Team,
An out-of-bounds (OOB) memory access flaw was found in x25_bind in
net/x25/af_x25.c in the Linux kernel. A bounds check failure allows a local
attacker with a user account on the system to gain access to out-of-bounds
memory, leading to a system crash or a leak of internal kernel information.
The highest threat from this vulnerability is to confidentiality,
integrity, as well as system availability.
'CVE-2020-35519' was assigned by Red Hat.
This mail doesn't even mention where/how this is fixed. Is this
6ee50c8e262a ("net/x25: prevent a couple of overflows")?
If so, it's already fixed in all stable kernels.
How can the issue cause a leak btw?
Just as additional reference: I think this goes back to this report:
https://www.openwall.com/lists/oss-security/2020/11/15/2
In upstream this was fixed then if the above is correct in
v4.4.248
v4.9.248
v4.14.211
v4.19.162
v5.4.82
v5.9.13
v5.10-rc7
Regards,
Salvatore
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
By Date
By Thread
Current thread:
CVE-2020-35519 Linux kernel: x25_bind out-of-bounds read Rohit Keshri (Mar 17)
Re: CVE-2020-35519 Linux kernel: x25_bind out-of-bounds read Sasha Levin (Mar 17)
Re: CVE-2020-35519 Linux kernel: x25_bind out-of-bounds read Salvatore Bonaccorso (Mar 17)
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->