Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 28 Jan 2011 09:44:19 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: Kees Cook <kees@...ntu.com>, coley <coley@...re.org>
Subject: Re: CVE request: linux kernel heap issues

On 01/25/2011 01:08 PM, Eugene Teo wrote:
> On 01/25/2011 11:48 AM, Eugene Teo wrote:
>> On 01/25/2011 05:46 AM, Kees Cook wrote:
>>> Hello,
>>>
>>> I don't think these minor issues I reported to the Linux Kernel have
>>> had CVEs assigned to them:
>>>
>>> heap contents leak for CAP_NET_ADMIN via ethtool ioctl
>>> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=b00916b189d13a615ff05c9242201135992fcda3
>>>
>>>
>>
>> These require CAP_NET_ADMIN.
>>
>> CVE-2010-4655.
>
> Take note that you will need this too:
> http://marc.info/?l=linux-kernel&m=129593098003553&w=2

http://git.kernel.org/linus/b7c7d01aaed1f71d9afe815a569f0a81465a1744

Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ