Date: Mon, 20 Jun 2011 09:57:56 -0400
From: Dan Rosenberg <dan.j.rosenberg@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure

On Wed, Jun 15, 2011 at 8:19 PM, Dan Rosenberg <dan.j.rosenberg@...il.com> wrote:
> NetBSD has committed a fix for an issue in the 802.11 stack.
> FreeBSD is also affected and should release a fix shortly. Due to a
> signedness error in the IEEE80211_IOC_CHANINFO ioctl, a local
> unprivileged user could cause the kernel to copy large amounts of
> kernel memory back to the user, disclosing potentially sensitive
> information. The issue only affects certain non-x86 architectures,
> such as SPARC.
>
> -Dan
>
> http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/net80211/ieee80211_ioctl.c?rev=1.56&content-type=text/x-cvsweb-markup&only_with_tag=MAIN
>

FreeBSD has committed a fix:

http://svnweb.freebsd.org/base?view=revision&revision=223145
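
The bug class named in the message, a signed caller-supplied length used to bound a copy to user space, shown as an added illustration that is not part of the original post and is not the NetBSD or FreeBSD code. The `int16_t` length type, the function names and the 64-byte table size are assumptions chosen for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_BYTES 64  /* assumed size of the data the handler should return */

/* Flawed pattern: the caller-supplied length is signed. A negative value
 * passes the "clamp to the smaller size" test, and the result turns into a
 * huge size_t when it is handed to the copy routine.
 * Returns the byte count that would be copied out to the caller. */
size_t copy_len_signed(int16_t user_len)
{
    int space = TABLE_BYTES;
    if (space > user_len)
        space = user_len;       /* user_len = -1 gives space = -1 */
    return (size_t)space;       /* -1 converts to SIZE_MAX */
}

/* Hardened pattern: reject negative lengths, then clamp in an unsigned type.
 * Returns 0 and stores the clamped length, or -1 for an invalid request. */
int copy_len_checked(int16_t user_len, size_t *out)
{
    if (user_len < 0)
        return -1;
    size_t space = TABLE_BYTES;
    if (space > (size_t)user_len)
        space = (size_t)user_len;
    *out = space;
    return 0;
}

/* Bytes past the intended table that a given copy length would expose. */
size_t bytes_disclosed(size_t copy_len)
{
    return copy_len > TABLE_BYTES ? copy_len - TABLE_BYTES : 0;
}

int main(void)
{
    size_t n = 0;
    printf("signed,  len=-1: copies %zu bytes\n", copy_len_signed(-1));
    printf("checked, len=-1: rc=%d\n", copy_len_checked(-1, &n));
    return 0;
}
```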