oss-sec mailing list archives

Re: CVE request: kernel: alpha: fix several security issues

From: Josh Bressers <bressers () redhat com>
Date: Wed, 15 Jun 2011 11:01:39 -0400 (EDT)

----- Original Message -----

https://lkml.org/lkml/2011/6/11/87; from Dan Rosenberg.

1. Signedness issue in osf_getdomainname allows copying out-of-bounds
kernel memory to userland.


CVE-2011-2208


2. Signedness issue in osf_sysinfo allows copying large amounts of
kernel memory to userland.


CVE-2011-2209


3. Typo (?) in osf_getsysinfo bounds minimum instead of maximum copy
size, allowing copying large amounts of kernel memory to userland.


CVE-2011-2210


4. Usage of user pointer in osf_wait4 while under KERNEL_DS allows
privilege escalation via writing return value of sys_wait4 to kernel
memory.


CVE-2011-2211

Thanks.

-- 
    JB

Current thread:

CVE request: kernel: alpha: fix several security issues Eugene Teo (Jun 12)
- Re: CVE request: kernel: alpha: fix several security issues Josh Bressers (Jun 15)