Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 17 Oct 2017 12:54:24 +0200
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: Re: Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265

On Wed, Oct 11, 2017 at 03:03:53PM +0200, Marcus Meissner wrote:
> Hi folks,
> 
> This kernel issue is being published without embargoe.
> (came via security@...nel.org to Takashi@...E);
> 
> Reported by Michael23 Yu.
> 
> https://bugzilla.suse.com/show_bug.cgi?id=1062520
> 
> Proposed Patch:
> http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
> 
> A use-after-free window in /dev/snd/seq, Mitre has assigned CVE-2017-15265 to it.

The reporter asked to add that this bug was found by ADLab of venustech.
(I was not able to associate him directly before, sorry.)

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.