oss-sec mailing list archives
Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug
From: "Eugene Teo" <eugeneteo () kernel sg>
Date: Mon, 22 Dec 2008 09:45:07 +0800
On Wed, Dec 17, 2008 at 11:36 PM, Marcus Meissner <meissner () suse de> wrote:
On Wed, Dec 17, 2008 at 10:14:27AM +0800, Eugene Teo wrote:On Wed, Dec 17, 2008 at 10:00 AM, Steven M. Christey <coley () linus mitre org> wrote:On Wed, 10 Dec 2008, Eugene Teo wrote:Steve, here's another one that needs a CVE name. Thanks! http://bugzilla.kernel.org/show_bug.cgi?id=11399Similar to the other issue, is this IOCTL reachable by anyone malicious?From what I can see in ibwdt_ioctl(), it does not restrict access to unprivileged users.Again, depends on how the device node is created I think. Not sure what mode udev hands out for those.
I discussed this with Wim, and it depends on the permissions for the miscdev device, /dev/watchdog. On Fedora, it's accessible by root user only. Thanks, Eugene
Current thread:
- CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 09)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Steven M. Christey (Dec 16)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 16)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Marcus Meissner (Dec 17)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 21)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Steven M. Christey (Dec 24)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 16)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Steven M. Christey (Dec 16)