oss-sec mailing list archives

Re: CVE Request - kernel: put_tty_queue NULL pointer deref

From: Eugene Teo <eugeneteo () kernel sg>
Date: Tue, 15 Jun 2010 14:53:36 +0800

On 06/15/2010 02:31 PM, dann frazier wrote:

Going through some old issues, we have this one from 2009:
  https://bugzilla.kernel.org/show_bug.cgi?id=14605

Upstream fix went into 2.6.33-rc8:
   http://git.kernel.org/linus/80e1e823989ec44d8e35bdfddadbddcffec90424

This was included in 2.6.32.9 and 2.6.27.46, but it looks like our
2.6.26-based kernel may have the issue as well.


Also see, https://bugzilla.redhat.com/show_bug.cgi?id=559100.

If memory serves me well, it should affect kernels v2.6.21-rc1 onwardswith the commit ab521dc0.


Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Current thread:

CVE Request - kernel: put_tty_queue NULL pointer deref dann frazier (Jun 14)
- Re: CVE Request - kernel: put_tty_queue NULL pointer deref Eugene Teo (Jun 14)
  - Re: CVE Request - kernel: put_tty_queue NULL pointer deref Josh Bressers (Jun 15)
    - Re: CVE Request - kernel: put_tty_queue NULL pointer deref Steven M. Christey (Jun 15)