[LTP] [PATCH v2] syscalls/timer_create: Add test for CVE-2017-18344
Li Wang
liwang@redhat.com
Mon Jul 29 11:47:37 CEST 2019
On Fri, Jul 26, 2019 at 4:37 PM Christian Amann <camann@suse.com> wrote:
>
> In kernels prior to 4.14.8 (missing commit cef31d9af908)
> the sigevent.sigev_notify field is not properly checked
> when creating a timer using timer_create(2).
> This can be used to read arbitrary kernel memory.
>
> Signed-off-by: Christian Amann <camann@suse.com>
Acked-by: Li Wang <liwang@redhat.com>
--
Regards,
Li Wang
More information about the ltp
mailing list