Date: Wed, 19 May 2010 09:10:13 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: Greg KH <greg@...ah.com>, "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request: kernel: cifs: cifs_create() NULL pointer dereference >>> http://comments.gmane.org/gmane.linux.file-systems.cifs/5782 >>> https://bugzilla.redhat.com/579445 >> >> The code that introduced this is upstream commit c3b2a0c6. Any >> kernel version from v2.6.29-rc6 onwards are affected. > > Am I correct in that I do not see a fix for this in the upstream kernel > repository yet? Yes. IIRC, the developers don't think this is exploitable. I didn't look at this further as it has a lower priority for me and our supported kernels are not affected. Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.