Date: Thu, 15 Dec 2011 09:16:42 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Eugene Teo <eugene@...hat.com>, "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request - kernel: perf, powerpc: Handle events that raise an exception without overflowing On 12/15/2011 02:03 AM, Eugene Teo wrote: > This does not affect the upstream kernel as it is already fixed. This is > an issue that was introduced when fixing https://bugzilla.redhat.com/740465. > > A PMC is 32 bits (ie an int). When we pass it around as an unsigned > long, we need to cast it before doing the comparison. Using perf on > power machine with a local, unprivileged user account can cause a denial > of service. > > Upstream commit: > http://git.kernel.org/linus/0837e3242c73566fc1c0196b4ec61779c25ffc93 > > Reference: > https://bugzilla.redhat.com/767914 > > Thanks, Eugene Please use CVE-2011-4611 for this issue. -- -Kurt Seifried / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.