Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Wed, 18 Nov 2009 10:15:37 -0500 (EST)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: virtualbox-ose guest can trigger
 denial of service at host, mem consumption

Use CVE-2009-3893 for this.

Thanks.

-- 
    JB


----- "Thomas Biege" <thomas@...e.de> wrote:

> Hi,
> just something I found in October:
> http://thetoms-random-thoughts.blogspot.com/2009/11/virtualbox-ose-guest-can-trigger-denial.html
> 
> The kernel module can be used to allocate an arbitrary amount of
> memory.
> 
> 
> -- 
> Bye,
>      Thomas
> -- 
>  Thomas Biege <thomas@...e.de>, SUSE LINUX, Security Support &
> Auditing
>  SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
> -- 
>   Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
>                             -- Marie von Ebner-Eschenbach

-- 
    JB

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ