oss-sec mailing list archives

Re: CVE requests - kernel: irda/decnet issues

From: Dan Rosenberg <dan.j.rosenberg () gmail com>
Date: Tue, 22 Mar 2011 06:55:48 -0400

On Tue, Mar 22, 2011 at 3:27 AM, Eugene Teo <eugene () redhat com> wrote:

Both are reported by Dan Rosenberg. Description of the issues can be found
in the following links:-

irda: validate peer name and attribute lengths
http://marc.info/?l=linux-netdev&m=130067113628164&w=2

DECnet: need to validate user data and access data?
http://marc.info/?l=linux-netdev&m=130075091711143&w=2


Steve Whitehouse provided some clarification on DECnet, which not an
actual security issue (thus the question mark in the thread title):
http://marc.info/?l=linux-netdev&m=130078511604840&w=2

IrDA seems to be valid though.

-Dan

Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Current thread:

CVE requests - kernel: irda/decnet issues Eugene Teo (Mar 22)
- Re: CVE requests - kernel: irda/decnet issues Dan Rosenberg (Mar 22)
- Re: CVE requests - kernel: irda/decnet issues Josh Bressers (Mar 22)
  - Re: CVE requests - kernel: irda/decnet issues Dan Rosenberg (Mar 22)