Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 29 Dec 2009 22:21:01 +0800
From: Eugene Teo <>
CC: "Steven M. Christey" <>
Subject: Re: CVE requests - kernel security regressions for
 CVE-2009-1385/and -1389

On 12/29/2009 10:12 AM, Eugene Teo wrote:
> On 12/28/2009 03:47 PM, Eugene Teo wrote:
>> In Fabian's talk, he describes two kernel NIC driver issues:
>> Issue #1
>> Fabian claimed that CVE-2009-1385 has an incorrect fix:
> [...]
>> Issue #2
>> The fix for CVE-2009-1389 regarding the r8169 driver introduces a
>> similar security problem as this:
>> is
>> a revert of this:
> Patches update can be found here:

Issue #3
I noticed that the e1000e driver also needs a similar fix as issue #1.

Progress on the patches can be found in either of the two bugs.

Thanks, Eugene
Eugene Teo / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ