Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 27 Nov 2015 15:12:18 +0100
From: Adam Maris <amaris@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2015-5327 kernel: User triggerable out-of-bounds read

An out-of-bounds memory read was found, affecting kernels from 4.3-rc1 onwards.
This vulnerability was caused by incorrect X.509 time validation in x509_decode_time() function in x509_cert_parser.c.

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cc25b994acfbc901429da682d0f73c190e960206

-- 
Adam Maris / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.