Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 17 Sep 2015 20:54:20 +0200
From: Marcus Meissner <meissner@...e.de>
To: Steve Dickson <SteveD@...hat.com>
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com,
	Olaf Kirch <okir@...e.de>
Subject: Re: CVE Request: remote triggerable use-after-free in rpcbind

On Thu, Sep 17, 2015 at 02:51:26PM -0400, Steve Dickson wrote:
> 
> 
> On 09/17/2015 12:20 PM, cve-assign@...re.org wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA256
> > 
> >> http://www.spinics.net/lists/linux-nfs/msg53045.html
> >> https://bugzilla.suse.com/show_bug.cgi?id=946204
> > 
> >> frees the netbuf caller_addr and caller_addr.buf. However, it does not
> >> clear xp_rtaddr, so xp_rtaddr.buf now refers to memory region A, which
> >> is free.
> >>
> >> ... It will reuse the buffer inside xp_rtaddr
> > 
> > Use CVE-2015-7236.
> Will there be a bz opened up? 

Where should I open it? kernel.org?

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ