Date: Fri, 28 Jan 2011 09:44:19 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: Kees Cook <kees@...ntu.com>, coley <coley@...re.org> Subject: Re: CVE request: linux kernel heap issues On 01/25/2011 01:08 PM, Eugene Teo wrote: > On 01/25/2011 11:48 AM, Eugene Teo wrote: >> On 01/25/2011 05:46 AM, Kees Cook wrote: >>> Hello, >>> >>> I don't think these minor issues I reported to the Linux Kernel have >>> had CVEs assigned to them: >>> >>> heap contents leak for CAP_NET_ADMIN via ethtool ioctl >>> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=b00916b189d13a615ff05c9242201135992fcda3 >>> >>> >> >> These require CAP_NET_ADMIN. >> >> CVE-2010-4655. > > Take note that you will need this too: > http://marc.info/?l=linux-kernel&m=129593098003553&w=2 http://git.kernel.org/linus/b7c7d01aaed1f71d9afe815a569f0a81465a1744 Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ