oss-sec mailing list archives
Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow
From: Josh Bressers <bressers () redhat com>
Date: Wed, 16 Feb 2011 08:48:23 -0500 (EST)
----- Original Message -----
Reported by rafa () mwrinfosecurity com, "Use strlcpy() to assure not to overflow the string array sizes by too long USB device name string." http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=eaae55dac6b64c0616046436b294e69fc5311581 Just FYI, I'm not requesting a CVE name for this as it only affects Native Instruments USB audio devices with very long device name which I think is unlikely. https://bugzilla.redhat.com/show_bug.cgi?id=677881
I'm assigning this CVE-2011-0712. With the recent research about having a smartphone impersonate various USB devices, I think this attack is now more plausible than in previous years. Thanks. -- JB
Current thread:
- kernel: ALSA: caiaq - Fix possible string-buffer overflow Eugene Teo (Feb 16)
- Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Josh Bressers (Feb 16)
- Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Eugene Teo (Feb 16)
- Re: kernel: ALSA: caiaq - Fix possible string-buffer overflow Josh Bressers (Feb 16)