oss-sec mailing list archives

Re: CVE Request: linux kernel perf out-of-bounds access

From: Eugene Teo <eugeneteo () kernel sg>
Date: Wed, 15 May 2013 09:26:30 +0800

On Tue, May 14, 2013 at 8:25 PM, Marc Deslauriers <
marc.deslauriers () canonical com> wrote:

Hello,

Is there a CVE for this? If not, could one be assigned, please?

https://patchwork.kernel.org/patch/2441281/

8176cced706b5e5d15887584150764894e94e02f

(BTW, there is currently an exploit for this going around...)


Nowhere did it say it is a security fix. Fix available since April 13.
s@kois not aware too. Awesome.

Seriously, surely by now we should all know that silent fixes are not the
wisest thing to do.

Eugene

Current thread:

CVE Request: linux kernel perf out-of-bounds access Marc Deslauriers (May 14)
- Re: CVE Request: linux kernel perf out-of-bounds access Raphael Geissert (May 14)
- Re: CVE Request: linux kernel perf out-of-bounds access Petr Matousek (May 14)
- Re: CVE Request: linux kernel perf out-of-bounds access Eugene Teo (May 14)
  - Re: CVE Request: linux kernel perf out-of-bounds access Michael Gilbert (May 14)
  - Re: CVE Request: linux kernel perf out-of-bounds access Greg KH (May 14)
    - Re: CVE Request: linux kernel perf out-of-bounds access sd (May 14)
    - Re: CVE Request: linux kernel perf out-of-bounds access Kurt Seifried (May 15)