Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference

To: Luke-Jr <luke@dashjr.org>, 640650@bugs.debian.org
Cc: Ben Hutchings <ben@decadent.org.uk>, control@bugs.debian.org
Subject: Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
From: Ola Lundqvist <opal@debian.org>
Date: Mon, 12 Sep 2011 07:50:51 +0200
Message-id: <[🔎] 20110912055051.GB12727@inguza.net>
Reply-to: opal@debian.org, 640650@bugs.debian.org
In-reply-to: <[🔎] 201109061303.31020.luke@dashjr.org>
References: <[🔎] 20110906045319.13878.47069.reportbug@eligius-eu2> <[🔎] 201109061106.27018.luke@dashjr.org> <[🔎] 20110906162017.GK2802@decadent.org.uk> <[🔎] 201109061303.31020.luke@dashjr.org>

forwarded 640650 http://bugzilla.openvz.org/show_bug.cgi?id=1982
thanks

For your information I have also forwarded this upstream.

Best regards,

// Ola

On Tue, Sep 06, 2011 at 01:03:21PM -0400, Luke-Jr wrote:
> On Tuesday, September 06, 2011 12:20:17 PM Ben Hutchings wrote:
> > On Tue, Sep 06, 2011 at 11:06:24AM -0400, Luke-Jr wrote:
> > > On Tuesday, September 06, 2011 9:41:05 AM Ben Hutchings wrote:
> > > > I understand this and found a patch that should fix it.
> > > 
> > > Is this a security vulnerability, or am I safe to assume my system was
> > > not exploited at least through this issue?
> > 
> > It appears to be a denial-of-service vulnerability.  A container can
> > trigger it by using most of its memory quota and then requesting a new
> > pty.
> 
> I am the only root on all the containers.
> 
> > I don't believe it allows privilege escalation unless you reduce
> > vm.mmap_min_addr (or unless a container can do that).
> 
> Containers cannot.
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 201109061303.31020.luke@dashjr.org">http://lists.debian.org/[🔎] 201109061303.31020.luke@dashjr.org
> 
> 

-- 
 --------------------- Ola Lundqvist ---------------------------
/  opal@debian.org                     Annebergsslingan 37      \
|  ola@inguza.com                      654 65 KARLSTAD          |
|  http://inguza.com/                  +46 (0)70-332 1551       |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /
 ---------------------------------------------------------------

Reply to:

Follow-Ups:
- Processed: Re: Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

References:
- Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
  - From: Luke <luke_debianbugs@dashjr.org>
- Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
  - From: "Luke-Jr" <luke@dashjr.org>
- Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
  - From: Ben Hutchings <ben@decadent.org.uk>
- Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
  - From: "Luke-Jr" <luke@dashjr.org>

Prev by Date: Processed: Re: Bug#638609: linux-image-2.6.32-5-openvz-amd64: [openvz] iptables: "raw" table gets leaked to guests, causing checkpoint/restore errors
Next by Date: Processed: Re: Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
Previous by thread: Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
Next by thread: Processed: Re: Bug#640650: linux-image-2.6.32-5-openvz-amd64: kernel NULL pointer dereference
Index(es):
- Date
- Thread