Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 27 Jun 2011 11:22:36 +0800
From: Eugene Teo <>
CC: Dan Rosenberg <>
Subject: Re: CVE request: kernel: remote buffer overflow in

On 06/25/2011 07:15 AM, Dan Rosenberg wrote:
> A remote user can provide a small value for the command size field in
> the command header of an l2cap configuration request, resulting in an
> integer underflow when subtracting the size of the configuration request
> header.  This results in copying a very large amount of data via
> memcpy() and destroying the kernel heap. [1]
> -Dan
> [1]

Please use CVE-2011-2497.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.