Synology-SA-17:37 Linux kernel
Publish Time: UTC+8
Last Updated: UTC+8
- Severity: Important
- Status: Resolved
Abstract
CVE-2017-7533 allows local users of a Virtual DSM to gain privileges or cause a denial of service through a race condition between threads executing inotify_handle_event() and vfs_rename() while a "rename" operation runs on the same file.
Severity
- Impact: Important
- CVSS3 Base Score: 7.8
- CVSS3 Base Metrics: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected
- Products: DSM 6.1
- Models: Virtual DSM
Description
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions, as exploited in the wild in August 2017.
Mitigation
None
Update Availability
To fix the security issue, please update DSM 6.1 to 6.1.3-15152-3 or above.
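A version check for the update named above, added here as an example and not part of Synology's advisory: it compares a DSM version string in the advisory's X.Y.Z-build-update format against 6.1.3-15152-3. The function names and the sample inputs are constructed for illustration, and a missing patch level or update suffix is assumed to mean 0.

```shell
#!/bin/sh
# Fixed release for the DSM 6.1 branch, as given in the advisory.
FIXED="6.1.3-15152-3"

# split_version X.Y[.Z]-BUILD[-UPDATE]
# Prints "major minor patch build update"; returns 1 on malformed input.
# Assumption: a missing patch level or update suffix means 0.
split_version() {
    case $1 in ''|*[!0-9.-]*) return 1 ;; esac
    old_ifs=$IFS
    IFS='-'; set -- $1              # release, build, update
    rel=${1:-} build=${2:-} upd=${3:-0}
    IFS='.'; set -- $rel            # major, minor, patch
    IFS=$old_ifs
    for n in "${1:-}" "${2:-}" "${3:-0}" "$build" "$upd"; do
        case $n in ''|*[!0-9]*) return 1 ;; esac
    done
    echo "$1 $2 ${3:-0} $build $upd"
}

# check_dsm VERSION -> prints fixed, vulnerable, out-of-scope or invalid.
check_dsm() {
    cur=$(split_version "$1") || { echo invalid; return 0; }
    fix=$(split_version "$FIXED")
    set -- $cur $fix                # fields 1-5 current, 6-10 fixed
    # The advisory lists DSM 6.1 only; other branches are not judged here.
    if [ "$1" -ne 6 ] || [ "$2" -ne 1 ]; then
        echo out-of-scope; return 0
    fi
    # Compare patch level, build number, then update number.
    for pair in "$3:$8" "$4:$9" "$5:${10}"; do
        a=${pair%%:*} b=${pair#*:}
        [ "$a" -gt "$b" ] && { echo fixed; return 0; }
        [ "$a" -lt "$b" ] && { echo vulnerable; return 0; }
    done
    echo fixed                      # identical to the fixed release
}

# Constructed sample inputs (not a list of real releases).
for v in 6.1.3-15152-2 6.1.3-15152-3 6.1.4-20000 6.2-30000; do
    printf '%s\t%s\n' "$v" "$(check_dsm "$v")"
done
```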