Date: Wed, 15 Jun 2011 11:01:39 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request: kernel: alpha: fix several security issues ----- Original Message ----- > https://lkml.org/lkml/2011/6/11/87; from Dan Rosenberg. > > 1. Signedness issue in osf_getdomainname allows copying out-of-bounds > kernel memory to userland. CVE-2011-2208 > > 2. Signedness issue in osf_sysinfo allows copying large amounts of > kernel memory to userland. CVE-2011-2209 > > 3. Typo (?) in osf_getsysinfo bounds minimum instead of maximum copy > size, allowing copying large amounts of kernel memory to userland. CVE-2011-2210 > > 4. Usage of user pointer in osf_wait4 while under KERNEL_DS allows > privilege escalation via writing return value of sys_wait4 to kernel > memory. CVE-2011-2211 Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ