Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 3 Feb 2014 07:45:20 +0400
From: Solar Designer <solar@...nwall.com>
To: mancha <mancha1@...h.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)

On Mon, Feb 03, 2014 at 03:16:13AM +0000, mancha wrote:
> Attached find a kernel module I've authored that protects from the attack.

Unfortunately, your two attached files - nox32recvmmsg.c and Makefile -
arrived each in a separate message, with the content yEnc encoded:

http://en.wikipedia.org/wiki/YEnc

Moreover, at least nox32recvmmsg.c definitely looks wrong - only 5 bytes
of the encoding are present:

=ybegin part=1 line=128 size=2287 name=nox32recvmmsg.c
=ypart begin=0 end=5
M<8E><8F><90><93>
=yend size=5 part=1 pcrc32=bdd2de8b

(where the <8E><8F><90><93> portion is literal 8-bit characters).  The
rest of nox32recvmmsg.c is nowhere to be seen.  The Makefile could be
OK, but without the .c file it's useless.  As a moderator, I'll reject
those other two messages since they're of little use.

Rather than post via Gmane's NNTP gateway, can you please reply to this
message with the files MIME-attached, or include the files in message
body with some sort of delimiters (e.g. Phrack-style)?

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ