oss-sec mailing list archives

Re: CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713

From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Wed, 20 Jul 2011 13:27:27 +0530

On 07/20/2011 12:52 PM, Eugene Teo wrote:

"While compiling it with Fedora 15, [Mauro Carvalho Chehab] noticed this
issue:

inlined from ‘si4713_write_econtrol_string’ at
drivers/media/radio/si4713-i2c.c:1065:24:
/home/v4l/work_trees/linus/arch/x86/include/asm/uaccess_32.h:211:26:
error: call to ‘copy_from_user_overflow’ declared with attribute error:
copy_from_user() buffer size is not provably correct"

http://git.kernel.org/?p=linux/kernel/git/longterm/longterm-queue-2.6.33.git;a=blob;f=queue-2.6.33/si4713-i2c-avoid-potential-buffer-overflow-on-si4713.patch;h=d99c471980a074cf4ef55fb4428d5f2fec66bffb;hb=29be9ef5e43df840fb19af1d4b3dfa51b3a956c8

AFAIK, only N900 uses this.

Thanks, Eugene


Please use CVE-2011-2700

-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team

Current thread:

CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713 Eugene Teo (Jul 20)
- Re: CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713 Huzaifa Sidhpurwala (Jul 20)