Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 19 Feb 2010 00:11:13 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: Marcus Meissner <meissner@...e.de>
Subject: Re: additional memory leak in USB userspace handling

On 02/17/2010 06:46 PM, Marcus Meissner wrote:
> Hi,
>
> a memory allocation leak (not information, just unfreed memory)
> was spotted and fixed by Linus during debugging of previous problem.
>
> On put_user() errors it would leak one "struct async" per REAPURB call.
>
> Fix is in commit ddeee0b2eec2a51b0712b04de4b39e7bec892a53, also
> attached.
>
> Affected code is also going back throughout 2.6 history.
>
> The issue is of less importance than the information leak fix, I am not
> sure if it deserves a CVE or not.

I was talking to Marcus about this. The attacker needs access to a USB 
device like the previous bug in order to exploit this.

Thanks, Eugene
-- 
Eugene Teo / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ