Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 15 Jun 2011 11:01:39 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: alpha: fix several security
 issues

----- Original Message -----
> https://lkml.org/lkml/2011/6/11/87; from Dan Rosenberg.
> 
> 1. Signedness issue in osf_getdomainname allows copying out-of-bounds
> kernel memory to userland.

CVE-2011-2208


> 
> 2. Signedness issue in osf_sysinfo allows copying large amounts of
> kernel memory to userland.

CVE-2011-2209


> 
> 3. Typo (?) in osf_getsysinfo bounds minimum instead of maximum copy
> size, allowing copying large amounts of kernel memory to userland.

CVE-2011-2210


> 
> 4. Usage of user pointer in osf_wait4 while under KERNEL_DS allows
> privilege escalation via writing return value of sys_wait4 to kernel
> memory.

CVE-2011-2211

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ