Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 11 Apr 2011 11:32:23 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: Josh Bressers <bressers@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: inotify memory leak

On 11/24/2010 09:17 PM, Josh Bressers wrote:
>
> ----- "Eugene Teo"<eugene@...hat.com>  wrote:
>
>> Reported by Vegard Nossum, if inotify_init is unable to allocate a new
>>
>> file for the new inotify group we leak the new group.
>>
>> Reproducer: http://lkml.org/lkml/2010/11/23/418 (this test case is
>> only
>> relevant if c44dcc56 (v2.6.34-rc1) is backported)
>>
>> Issue was introduced in 63c882a0 (v2.6.31-rc1).
>>
>> https://bugzilla.redhat.com/656830
>
> Please use CVE-2010-4250

A regression was found. We assigned it with CVE-2011-1479. Fix for it 
can be found at: http://git.kernel.org/linus/d0de4dc5. More info here: 
https://bugzilla.redhat.com/CVE-2011-1479.

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.