Re: CVE request: linux kernel heap issues

[Eugene Teo <eugene () redhat com>]

On 01/25/2011 01:08 PM, Eugene Teo wrote:
> On 01/25/2011 11:48 AM, Eugene Teo wrote:
> > On 01/25/2011 05:46 AM, Kees Cook wrote:
> > > Hello,
> > >
> > > I don't think these minor issues I reported to the Linux Kernel have
> > > had CVEs assigned to them:
> > >
> > > heap contents leak for CAP_NET_ADMIN via ethtool ioctl
> > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=b00916b189d13a615ff05c9242201135992fcda3
> >
> > These require CAP_NET_ADMIN.
> >
> > CVE-2010-4655.
>
> Take note that you will need this too:
> http://marc.info/?l=linux-kernel&m=129593098003553&w=2

http://git.kernel.org/linus/b7c7d01aaed1f71d9afe815a569f0a81465a1744

Eugene