Vigil@nce - Linux kernel: denial of service via printk
February 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can force the kernel to log a short message, in
order to read at an invalid memory address, which leads to a
denial of service.
Impacted products: Linux
Severity: 1/4
Creation date: 06/02/2013
DESCRIPTION OF THE VULNERABILITY
The Linux kernel uses the printk() function to display important
messages.
The call_console_drivers() function displays the message on the
console. It calls the log_prefix() function, which decodes the
syslog "
short, the log_prefix() function reads after the end of the
storage buffer, to search the ’>’ character for example.
A local attacker can therefore force the kernel to log a short
message, in order to read at an invalid memory address, which
leads to a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-printk-12382