** Description changed: - Description needed + While working on KernelThreadSanitizer (KTSAN), a data race detector for + kernels, Dmitry Vyukov found a data race that can trick the kernel into + using unitialized memory. - This can at least give access to arbitrary + SysV shared memory and Dmitry developed a proof of concept exploit for + this. (On many systems, this can be used to escalate privileges). - + While we didn't investigate this deeply, it is almost certain that this + vulnerability can be used to gain arbitrary code execution in the + kernel. Exercise left to the reader.
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1502032 Title: CVE-2015-7613 Status in linux package in Ubuntu: New Status in linux-armadaxp package in Ubuntu: Invalid Status in linux-ec2 package in Ubuntu: Invalid Status in linux-flo package in Ubuntu: New Status in linux-fsl-imx51 package in Ubuntu: Invalid Status in linux-goldfish package in Ubuntu: New Status in linux-lts-backport-maverick package in Ubuntu: New Status in linux-lts-backport-natty package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: Invalid Status in linux-lts-raring package in Ubuntu: Invalid Status in linux-lts-saucy package in Ubuntu: Invalid Status in linux-lts-trusty package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: Invalid Status in linux-lts-vivid package in Ubuntu: Invalid Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-mvl-dove package in Ubuntu: Invalid Status in linux-ti-omap4 package in Ubuntu: Invalid Status in linux source package in Precise: New Status in linux-armadaxp source package in Precise: New Status in linux-ec2 source package in Precise: Invalid Status in linux-flo source package in Precise: Invalid Status in linux-fsl-imx51 source package in Precise: Invalid Status in linux-goldfish source package in Precise: Invalid Status in linux-lts-backport-maverick source package in Precise: New Status in linux-lts-backport-natty source package in Precise: New Status in linux-lts-quantal source package in Precise: New Status in linux-lts-raring source package in Precise: New Status in linux-lts-saucy source package in Precise: New Status in linux-lts-trusty source package in Precise: New Status in linux-lts-utopic source package in Precise: Invalid Status in linux-lts-vivid source package in Precise: Invalid Status in linux-mako source package in Precise: Invalid Status in linux-manta source package in Precise: Invalid Status in linux-mvl-dove source package in Precise: Invalid Status in linux-ti-omap4 source package in Precise: New Status in linux source package in Trusty: New Status in linux-armadaxp source package in Trusty: Invalid Status in linux-ec2 source package in Trusty: Invalid Status in linux-flo source package in Trusty: Invalid Status in linux-fsl-imx51 source package in Trusty: Invalid Status in linux-goldfish source package in Trusty: Invalid Status in linux-lts-backport-maverick source package in Trusty: New Status in linux-lts-backport-natty source package in Trusty: New Status in linux-lts-quantal source package in Trusty: Invalid Status in linux-lts-raring source package in Trusty: Invalid Status in linux-lts-saucy source package in Trusty: Invalid Status in linux-lts-trusty source package in Trusty: Invalid Status in linux-lts-utopic source package in Trusty: New Status in linux-lts-vivid source package in Trusty: New Status in linux-mako source package in Trusty: Invalid Status in linux-manta source package in Trusty: Invalid Status in linux-mvl-dove source package in Trusty: Invalid Status in linux-ti-omap4 source package in Trusty: Invalid Status in linux source package in Vivid: New Status in linux-armadaxp source package in Vivid: Invalid Status in linux-ec2 source package in Vivid: Invalid Status in linux-flo source package in Vivid: New Status in linux-fsl-imx51 source package in Vivid: Invalid Status in linux-goldfish source package in Vivid: New Status in linux-lts-backport-maverick source package in Vivid: New Status in linux-lts-backport-natty source package in Vivid: New Status in linux-lts-quantal source package in Vivid: Invalid Status in linux-lts-raring source package in Vivid: Invalid Status in linux-lts-saucy source package in Vivid: Invalid Status in linux-lts-trusty source package in Vivid: Invalid Status in linux-lts-utopic source package in Vivid: Invalid Status in linux-lts-vivid source package in Vivid: Invalid Status in linux-mako source package in Vivid: New Status in linux-manta source package in Vivid: New Status in linux-mvl-dove source package in Vivid: Invalid Status in linux-ti-omap4 source package in Vivid: Invalid Status in linux source package in Wily: New Status in linux-armadaxp source package in Wily: Invalid Status in linux-ec2 source package in Wily: Invalid Status in linux-flo source package in Wily: New Status in linux-fsl-imx51 source package in Wily: Invalid Status in linux-goldfish source package in Wily: New Status in linux-lts-backport-maverick source package in Wily: New Status in linux-lts-backport-natty source package in Wily: New Status in linux-lts-quantal source package in Wily: Invalid Status in linux-lts-raring source package in Wily: Invalid Status in linux-lts-saucy source package in Wily: Invalid Status in linux-lts-trusty source package in Wily: Invalid Status in linux-lts-utopic source package in Wily: Invalid Status in linux-lts-vivid source package in Wily: Invalid Status in linux-mako source package in Wily: New Status in linux-manta source package in Wily: New Status in linux-mvl-dove source package in Wily: Invalid Status in linux-ti-omap4 source package in Wily: Invalid Bug description: While working on KernelThreadSanitizer (KTSAN), a data race detector for kernels, Dmitry Vyukov found a data race that can trick the kernel into using unitialized memory. - This can at least give access to arbitrary SysV shared memory and Dmitry developed a proof of concept exploit for this. (On many systems, this can be used to escalate privileges). - While we didn't investigate this deeply, it is almost certain that this vulnerability can be used to gain arbitrary code execution in the kernel. Exercise left to the reader. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1502032/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
