[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-ntfs-dev
Subject:    Re: [Linux-NTFS-Dev] Multiple Memory Corruption Issues in ntfs.ko (Linux 4.15.0-15.16)
From:       Anton Altaparmakov <anton () tuxera ! com>
Date:       2018-04-19 11:16:19
Message-ID: 232D3866-79E6-4363-9A9A-5FBBD177D62B () tuxera ! com
[Download RAW message or body]

Hi Sergej,

Thanks for the report, images and logs.  I tried the first one and can confirm it \
crashes.  I will work on fixing them all.

Best regards,

	Anton

> On 18 Apr 2018, at 19:33, Sergej Schumilo <sergej@schumilo.de> wrote:
> 
> Dear all, 
> after reporting the following bugs to the Ubuntu security team, we were asked to \
> report them directly to the kernel developers.  I have attached the original bug \
> report as well as a link to a zip archive containing all relevant files (including \
> all oops and KASAN reports and the causing NTFS images). 
> https://ruhr-uni-bochum.sciebo.de/s/C4yAaseXggUGaVu/download
> 
> ——————————————————————
> 
> Dear all,
> The following memory corruption issues in ntfs.ko (such as use-after-frees, stack- \
> and heap-out-of-bounds accesses and BUG_ON / BUG assertion fails) were found by a \
> modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have \
> attached the causing NTFS filesystem image, the dmesg reports, KASAN reports and \
> the source code of a simple mounting tool to reproduce those issues \
> (ntfs_inject.c). 
> A local users who have been granted the privileges necessary to mount filesystems \
> (or a system components which auto mounts filesystems) could trigger a kernel oops, \
> a kernel panic (depending on panic_on_oops) or exploit those bugs to raise \
> privileges. 
> We can verify this issues for Linux 4.15.0-15.16 (Ubuntu 16.04.4 LTS / sources from \
> "pull-lp-source linux"). 
> Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr-Universität Bochum)
> 
> Best regards,
> Sergej Schumilo
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Linux-NTFS-Dev mailing list
> Linux-NTFS-Dev@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/linux-ntfs-dev

-- 
Anton Altaparmakov <anton at tuxera.com> (replace at with @)
Lead in File System Development, Tuxera Inc., http://www.tuxera.com/
Linux NTFS maintainer

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Linux-NTFS-Dev mailing list
Linux-NTFS-Dev@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-ntfs-dev


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic