Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 28 Aug 2017 11:49:32 +0200
From: Greg KH <greg@...ah.com>
To: 小雨 <1326397@...com>
Cc: linux-distros@...openwall.org, oss-security@...ts.openwall.com,
	security@...nel.org
Subject: Re: Integer overflow in bttv driver

On Mon, Aug 28, 2017 at 05:42:24PM +0800, 小雨 wrote:
> 
> > hello ,
> > 
> > I found a potential security problem which code located in https://github.com/torvalds/linux/blob/master/drivers/media/pci/bt8xx/bttv-driver.c <https://github.com/torvalds/linux/blob/master/drivers/media/pci/bt8xx/bttv-driver.c>.
> > 
> > In setup_window_lock function,as follows:
> > 
> > 
> > 
> > It did not check the clipcount param,causing a overflow.

Really?  What kernel version are you looking at?  The latest kernel tree
shows this, from the repo you link to above:
  https://github.com/torvalds/linux/blob/master/drivers/media/pci/bt8xx/bttv-driver.c#L2098

what am I missing here?

Also, any specific reason you sent this to oss-security just a few
minutes after sending it to security@...nel.org?  I don't really care
for something like this that is not really an issue, but if it was,
well, you sure didn't give anyone a chance to actually fix it :)

thanks,

greg k-h

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ