Date: Fri, 27 Nov 2015 15:12:18 +0100 From: Adam Maris <amaris@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2015-5327 kernel: User triggerable out-of-bounds read An out-of-bounds memory read was found, affecting kernels from 4.3-rc1 onwards. This vulnerability was caused by incorrect X.509 time validation in x509_decode_time() function in x509_cert_parser.c. https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cc25b994acfbc901429da682d0f73c190e960206 -- Adam Maris / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ