[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 10 May 2011 09:36:03 +0200
From: Sebastian Krahmer <krahmer@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: kernel: validate size of EFI GUID partition entries
All, thanks for the fast replies. I'd appreciate different text or some
note that its not the same as a recent issue, it would save some work.
thx,
-s
On Tue, May 10, 2011 at 03:32:15PM +0800, Eugene Teo wrote:
> On 05/10/2011 03:18 PM, Sebastian Krahmer wrote:
> >
> >Hi,
> >
> >Is this really different than what was assigned CVE-2011-1577 to?
> >See http://www.spinics.net/lists/mm-commits/msg83274.html or the text
> >on the OSS mail on April 12th which reads exactly the same.
>
> I double-checked, it's different...
>
> Eugene
>
> >Sebastian
> >
> >On Mon, May 09, 2011 at 03:01:06PM -0400, Josh Bressers wrote:
> >>
> >>
> >>----- Original Message -----
> >>>The kernel automatically evaluates partition tables of storage
> >>>devices.
> >>>The code for evaluating GUID partitions (in fs/partitions/efi.c)
> >>>contains a bug that can cause a kernel heap overflow on certain
> >>>corrupted GUID partition tables.
> >>>
> >>>http://git.kernel.org/linus/fa039d5f6b126fbd65eefa05db2f67e44df8f121
> >>>http://bugzilla.redhat.com/show_bug.cgi?id=703026
> >>>
> >>
> >>Please use CVE-2011-1776
> >>
> >>Thanks.
> >>
> >>--
> >> JB
> >
--
--
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@...e.de - SuSE Security Team
---
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
Maxfeldstraße 5
90409 Nürnberg
Germany
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ
