oss-sec mailing list archives
econet iovec
From: Thomas Pollet <thomas.pollet () gmail com>
Date: Sun, 14 Nov 2010 15:56:38 +0100
Hi, the AF_ECONET sendmsg iovec code also appears to be vulnerable to an integer overflow that will be fixed by the verify_iovec changes in the 2.6.37 kernel. on line 469: size += iov_len Regards, Thomas
Current thread:
- econet iovec Thomas Pollet (Nov 14)
- Re: econet iovec Dan Rosenberg (Nov 14)
- Re: econet iovec Dan Rosenberg (Nov 14)
- Re: econet iovec Eugene Teo (Nov 14)
- Re: econet iovec Steven M. Christey (Nov 15)
- Re: econet iovec Dan Rosenberg (Nov 15)
- Re: econet iovec Dan Rosenberg (Nov 14)
- Re: econet iovec Dan Rosenberg (Nov 14)