blob: 2c98b17fc761291397339ddc192a35c564fdfafc (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: user-triggerable read-after-free crash or 1-bit infoleak oracle in open(2)
References:
https://www.openwall.com/lists/oss-security/2020/01/28/2
Notes:
carnil> The issue go introduced with 30aba6656f61 ("namei: allow
carnil> restricted O_CREAT of FIFOs and regular files") in 4.19-rc1
carnil> which got backported to 4.4.166, 4.9.142 and 4.14.85.
Bugs:
upstream: released (5.5) [d0cb50185ae942b03c4327be322055d622dc79f6]
4.19-upstream-stable: needed
4.9-upstream-stable: needed
3.16-upstream-stable: N/A "Introduced in 4.19 with 30aba6656f61"
sid: needed
4.19-buster-security: needed
4.9-stretch-security: needed
3.16-jessie-security: N/A "Introduced in 4.19 with 30aba6656f61"
|