Vigil@nce - Linux kernel: denial of service via GCM
June 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can make the Linux kernel decrypt data with algorithm
AES-GCM, in order to trigger a denial of service and perhaps run
code with kernel privileges.
– Impacted products: Debian, Linux, RHEL, Ubuntu
– Severity: 2/4
– Creation date: 15/04/2015
– Revision date: 16/04/2015
DESCRIPTION OF THE VULNERABILITY
The Linux kernel includes an implementation of some cryptographic
algorithms, notably used by IPsec.
The set of supported algorithms includes AES and the mode GCM;
which adds authentication of the sender to the encryption. Recent
models of Intel processor have some instructions dedicated to fast
AES software implementation. However, the kernel module that
implements that, namely "aesni-intel" and precisely the routine
"__driver_rfc4106_decrypt" defined in the file
"arch/x86/crypto/aesni-intel_glue.c" does not rightly compute the
size of the decrypted text. So the decryption leads to a memory
corruption in the caller, another kernel module, and maybe to code
injection.
An attacker can make the Linux kernel decrypt data with algorithm
AES-GCM, in order to trigger a denial of service and perhaps to
run code with kernel privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-GCM-16619