Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 20 Jun 2011 09:57:56 -0400
From: Dan Rosenberg <>
Subject: Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure

On Wed, Jun 15, 2011 at 8:19 PM, Dan Rosenberg
<> wrote:
> NetBSD has committed a fix for an issue in the 802.11 stack [1].
> FreeBSD is also affected and should release a fix shortly.  Due to a
> signedness error in the IEEE80211_IOC_CHANINFO ioctl, a local
> unprivileged user could cause the kernel to copy large amounts of
> kernel memory back to the user, disclosing potentially sensitive
> information.  The issue only affects certain non-x86 architectures,
> such as SPARC.
> -Dan
> [1]

FreeBSD has commited a fix:

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ