| Severity |
|
| Remote |
|
| Type |
|
| Description |
| + |
A race condition flaw was found in the N_HLDC Linux kernel driver when accessing the n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to crash the system or increase their privileges on the system. |
|
| References |
| + |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82f2341c94d270421f383641b7cd670e474db56b |
| + |
http://seclists.org/oss-sec/2017/q1/569 |
|
| Notes |
| + |
Workaround: # echo "install n_hdlc /bin/true" >> /etc/modprobe.d/disable-n_hdlc.conf |
| + |
Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82f2341c94d270421f383641b7cd670e474db56b |
| + |
Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be10eb7589337e5defbe214dae038a53dd21add8 |
|