Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 05 Mar 2012 10:10:19 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE-2012-1097 kernel: regset: Prevent null pointer reference on readonly
 regsets

Description: The regset common infrastructure assumed that regsets would
always have .get and .set methods, but not necessarily .active methods.
Unfortunately people have since written regsets without .set methods.

Rather than putting in stub functions everywhere, handle regsets with
null .get or .set methods explicitly.

Credit: H. Peter Anvin

Upstream commits:
http://git.kernel.org/linus/c8e252586f8d5de906385d8cf6385fee289a825e
http://git.kernel.org/linus/5189fa19a4b2b4c3bec37c3a019d446148827717

Reference:
https://bugzilla.redhat.com/CVE-2012-1097

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.