oss-sec mailing list archives

Re: CVE request - Linux kernel: VFAT slab-based buffer overflow

From: Daniel Kahn Gillmor <dkg () fifthhorseman net>
Date: Wed, 27 Feb 2013 15:17:46 -0800

On 02/27/2013 03:00 PM, Jason A. Donenfeld wrote:

it takes your brain less than a single cycle to realize this or
that memory corruption can lead to priv escalation.


Even if this were true, it takes much more than a single cycle to write
up a decent security report that can be understood by other people.
Communication takes time and effort.  Good communication takes even more
time and effort.

I want this work to happen as much as you do, but it doesn't help to
trivialize the work you are asking others to do.

        --dkg

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

Re: handling of Linux kernel vulnerabilities, (continued)
- - - Re: handling of Linux kernel vulnerabilities Alton Moore (Mar 05)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Andreas Ericsson (Mar 04)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Daniel Kahn Gillmor (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Mar 01)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Tim (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)

(Thread continues...)