Date: Tue, 10 May 2011 09:28:30 +0200
From: Timo Warns <warns@...-sense.de>
To: oss-security@...ts.openwall.com
CC: Sebastian Krahmer <krahmer@...e.de>,
"Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: validate size of EFI GUID
partition entries
Hi,

from my point of view, these are different bugs:

CVE-2011-1577 addresses the overall header size used for a CRC32
computation.

CVE-2011-1776 addresses the size of partition entries used for
allocating a data structure.

Of course, one could argue that this is only one issue "missing input
validation on GUID partition tables".

Cheers, Timo

On 10.05.2011 09:18, Sebastian Krahmer wrote:
>
> Hi,
>
> Is this really different than what was assigned CVE-2011-1577 to?
> See http://www.spinics.net/lists/mm-commits/msg83274.html or the text
> on the OSS mail on April 12th which reads exactly the same.
>
> Sebastian
>
> On Mon, May 09, 2011 at 03:01:06PM -0400, Josh Bressers wrote:
>>
>>
>> ----- Original Message -----
>>> The kernel automatically evaluates partition tables of storage
>>> devices.
>>> The code for evaluating GUID partitions (in fs/partitions/efi.c)
>>> contains a bug that can cause a kernel heap overflow on certain
>>> corrupted GUID partition tables.
>>>
>>> http://git.kernel.org/linus/fa039d5f6b126fbd65eefa05db2f67e44df8f121
>>> http://bugzilla.redhat.com/show_bug.cgi?id=703026
>>>
>>
>> Please use CVE-2011-1776
>>
>> Thanks.
>>
>> --
>> JB
>
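
The two size checks distinguished in the reply above, side by side, as an added example (not code from the kernel patch or from anyone in this thread). Field offsets follow the on-disk GPT header layout from the UEFI specification; the function name `gpt_check_sizes`, the enum names and the `max_entries` cap are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define GPT_HDR_MIN_SIZE 92u   /* defined fields of the GPT header (UEFI spec) */
#define GPT_ENTRY_SIZE   128u  /* size of one partition entry structure */

enum gpt_check {
    GPT_OK = 0,
    GPT_BAD_SIGNATURE,
    GPT_BAD_HEADER_SIZE,   /* the size the thread ties to CVE-2011-1577 */
    GPT_BAD_ENTRY_SIZE,    /* the size the thread ties to CVE-2011-1776 */
    GPT_BAD_ENTRY_COUNT    /* extra cap, an assumption of this example */
};

/* Read a little-endian 32-bit value without alignment assumptions. */
static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/*
 * Validate the size fields of an on-disk GPT header held in `sector`
 * (one logical block of `sector_size` bytes) before they are used.
 * On success *array_bytes is the size to allocate for the entry array.
 */
enum gpt_check gpt_check_sizes(const uint8_t *sector, size_t sector_size,
                               uint32_t max_entries, size_t *array_bytes)
{
    if (sector_size < GPT_HDR_MIN_SIZE || memcmp(sector, "EFI PART", 8) != 0)
        return GPT_BAD_SIGNATURE;

    /* header_size bounds the CRC32 computation: it must stay in the buffer. */
    uint32_t header_size = le32(sector + 12);
    if (header_size < GPT_HDR_MIN_SIZE || header_size > sector_size)
        return GPT_BAD_HEADER_SIZE;

    /* The entry size must match the structure the parser allocates for. */
    if (le32(sector + 84) != GPT_ENTRY_SIZE)
        return GPT_BAD_ENTRY_SIZE;

    /* Reject an empty or oversized table so count * size stays bounded. */
    uint32_t count = le32(sector + 80);
    if (count == 0 || count > max_entries)
        return GPT_BAD_ENTRY_COUNT;

    *array_bytes = (size_t)count * GPT_ENTRY_SIZE;
    return GPT_OK;
}
```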