oss-sec mailing list archives
Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
From: Josh Bressers <bressers () redhat com>
Date: Mon, 24 Jan 2011 13:34:47 -0500 (EST)
----- Original Message -----
On 01/23/2011 04:13 AM, Steven M. Christey wrote:On Fri, 21 Jan 2011, Eugene Teo wrote:On 01/21/2011 04:08 AM, Vasiliy Kulikov wrote:File position is not controlled, it may lead to overwrites of arbitrary kernel memory. Also the code may kfree() the same pointer multiple times.http://lkml.org/lkml/2011/1/20/348 https://bugzilla.redhat.com/CVE-2011-0023 Please use CVE-2011-0023 (this does not include the unresolved flaw described in the following paragraph below).There seem to be 2 types of issues described above - the uncontrolled file position / memory overwrite, and a "double free". So there should probably be 2 separate CVEs, not one. Am I missing something?Sorry about it. Please see http://seclists.org/oss-sec/2011/q1/106.
Eugene, does the "unresolved flaw" still need an ID? This thread now confuses me. Thanks. -- JB
Current thread:
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 20)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov (Jan 21)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 21)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Steven M. Christey (Jan 22)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 22)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Josh Bressers (Jan 24)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 24)
- Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Eugene Teo (Jan 22)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov (Jan 24)
- Re: [PATCH] acpi: debugfs: fix buffer overflows, double free Vasiliy Kulikov (Jan 21)