Date: Sat, 19 Sep 2015 07:08:18 +0900 From: sfjro@...rs.sourceforge.net To: Ben Hutchings <ben@...adent.org.uk>, oss-security <oss-security@...ts.openwall.com> Subject: Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch sfjro@...rs.sourceforge.net: > Ben Hutchings: > > The aufs (Advanced Union Filesystem) project provides an optional patch > > for the Linux kernel, called either aufs3-mmap.patch or > ::: > > I posted a patch here that works for me: > > http://sourceforge.net/p/aufs/mailman/message/34449209/ > > > > Please assign a CVE ID to this. > > I know this is a bug but I don't have time to fix it or test your patch. ::: > I have no objection to assign a CVE ID, but I don't think it is fixed or > at least I didn't confirmt yet. Mainly to oss-security people, FYI, I confirmed that Ben Hutchings' patch is correct and fixed the problem. Actually I've released aufs officially after applying his patch. J. R. Okajima
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.