oss-sec mailing list archives

Re: CVE request - Linux kernel: VFAT slab-based buffer overflow

From: "Jason A. Donenfeld" <Jason () zx2c4 com>
Date: Thu, 28 Feb 2013 00:24:09 +0100

On Thu, Feb 28, 2013 at 12:07 AM, Greg KH <greg () kroah com> wrote:

Really?  Ok then, please go ahead and try doing this yourself if you
feel it is so "obvious" to do.


I did yesterday, actually. I saw some commit that said "use after
free!", saw that it was triggerable by an unpriv'd user, and sent it
into the list. Kurt took a look at it, agreed with the assessment, and
assigned a CVE. The commit itself said "use after free" -- I didn't
even have to do any heavy lifting or hair-splitting investigation.

Kernel developers are super smart -- some of the brightest guys out
there.


Nope, we are dumb, we do uninteresting, boring work, dealing with broken
hardware and demanding users every day.  If we were smarter, we wouldn't
be doing this type of thing.


Come on...

Current thread:

Re: handling of Linux kernel vulnerabilities, (continued)
- - - Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 04)
    - Re: handling of Linux kernel vulnerabilities Noel Butler (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Alton Moore (Mar 05)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Andreas Ericsson (Mar 04)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Daniel Kahn Gillmor (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Mar 01)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Tim (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)

(Thread continues...)