oss-sec mailing list archives
Re: CVE request: linux kernel heap issues
From: Eugene Teo <eugene () redhat com>
Date: Tue, 25 Jan 2011 13:08:11 +0800
On 01/25/2011 11:48 AM, Eugene Teo wrote:
On 01/25/2011 05:46 AM, Kees Cook wrote:Hello, I don't think these minor issues I reported to the Linux Kernel have had CVEs assigned to them: heap contents leak for CAP_NET_ADMIN via ethtool ioctl http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=b00916b189d13a615ff05c9242201135992fcda3These require CAP_NET_ADMIN. CVE-2010-4655.
Take note that you will need this too: http://marc.info/?l=linux-kernel&m=129593098003553&w=2
iowarrior usb device heap overflow http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3ed780117dbe5acb64280d218f0347f238dafed0CVE-2010-4656.
Eugene
Current thread:
- CVE request: linux kernel heap issues Kees Cook (Jan 24)
- Re: CVE request: linux kernel heap issues Kurt Seifried (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 27)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)