oss-sec mailing list archives
Re: Linux 4.19.0-rc3 Bluetooth out-of-bounds-read and use-after-free
From: Greg KH <greg () kroah com>
Date: Wed, 31 Oct 2018 22:00:23 +0100
On Wed, Oct 31, 2018 at 03:11:38PM +0100, Solar Designer wrote:
As you can see below, in one message the sender offered to coordinate with security@k.o and asked for a CVE ID. However, this was in response to my questions about those aspects as it relates to the sender's other message, and I don't know whether the sender actually proceeded to coordinate with security@k.o (I tried asking the sender and got no response) and no CVE ID was assigned by distros (since the sender also didn't respond to my inquiry about security relevance).
security@k.o generally tells all people who submit syzbot reports to just contact the upstream developers on their mailing list for issues reported by that tool, as that is what the tool's team does. And I think we did that for this report as well, but never heard anything back :( thanks, greg k-h
Current thread:
- Linux 4.19.0-rc3 Bluetooth out-of-bounds-read and use-after-free Solar Designer (Oct 31)
- Re: Linux 4.19.0-rc3 Bluetooth out-of-bounds-read and use-after-free Greg KH (Oct 31)