Date: Tue, 11 Nov 2008 13:19:52 +0800 From: "Eugene Teo" <eugeneteo@...nel.sg> To: oss-security@...ts.openwall.com Cc: coley@...re.org Subject: CVE request: kernel: libertas: fix buffer overrun Hi, We need a CVE name for this issue. This was committed in upstream kernel recently. "If somebody sends an invalid beacon/probe response, that can trash the whole BSS descriptor. The descriptor is, luckily, large enough so that it cannot scribble past the end of it; it's well above 400 bytes long. Upstream commit: 48735d8d8bd701b1e0cd3d49c21e5e385ddcb077 https://bugzilla.redhat.com/show_bug.cgi?id=470761 http://article.gmane.org/gmane.linux.kernel.wireless.general/23049 Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.