oss-sec mailing list archives

CVE request - kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write()

From: Eugene Teo <eugene () redhat com>
Date: Tue, 03 Aug 2010 16:18:26 +0800

On 08/03/2010 01:51 PM, Moritz Muehlenhoff wrote:

On Tue, Aug 03, 2010 at 11:46:58AM +0800, Eugene Teo wrote:

Ilja reported way back in Nov 2007. A writer to /proc/pdc/led(?) can
cause the kernel to consume an unbounded amount of stack, and result
in stack corruption.

http://www.spinics.net/lists/linux-parisc/msg02960.html

If you need a CVE name, change the subject to indicate that. We are
not requesting one as we do not support the PA-RISC architecture in
our distribution.


Debian supports hppa.

Steven, please assign a CVE ID.


Changed the subject to make sure we don't miss this.

Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Current thread:

kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo (Aug 02)
- Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Moritz Muehlenhoff (Aug 02)
  - CVE request - kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo (Aug 03)
  - Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Josh Bressers (Aug 03)
    - Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Hui Zhu (Aug 09)
  - Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() dann frazier (Aug 13)
    - Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo (Aug 13)
    - Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Ben Hutchings (Aug 13)
    - Re: kernel: [PARISC] led.c - fix potential stack overflow in led_proc_write() Eugene Teo (Aug 13)