oss-sec mailing list archives
Re: CVE request - Linux kernel: VFAT slab-based buffer overflow
From: Jiri Kosina <jikos () jikos cz>
Date: Thu, 28 Feb 2013 00:28:48 +0100 (CET)
On Wed, 27 Feb 2013, Greg KH wrote:
May I just bluntly call out shenanigans here? Yes, some bugs are esoteric and it's not immediately obvious that they are security related. But there are so many bugs that are _clearly_ security-related.Really? Ok then, please go ahead and try doing this yourself if you feel it is so "obvious" to do.
What Jason is asking for (at least to my understanding) is that if we are fixing a bug from a known-to-automatically-be-security-issue, we let the world know explicitly. We are not pro-actively doing that now, are we? Yes, there are going to be lots and lots of bugs which turn out to be security issues once analyzed by super-smart guys wearing their darker-coloured hats, and that's unavoidable. Killing all the efforts that try to mitigate this effect with as little investments as possible seems to be slightly counter-productive though. We are not going to be perfect at it, ever, sure. Perfect is the enemy of good. Also, defining the list in a sensible way is challenging of course, but let's have this for starters: - use-after-free - null(+epsilon) pointer dereference - array access overflow - signedness problem in sizeof() with argument coming from userspace - operating VMAs without mmap_sem - ... Hmm? -- Jiri Kosina
Current thread:
- Re: handling of Linux kernel vulnerabilities, (continued)
- Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 05)
- Re: handling of Linux kernel vulnerabilities Alton Moore (Mar 05)
- Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 05)
- Re: handling of Linux kernel vulnerabilities Andreas Ericsson (Mar 04)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Daniel Kahn Gillmor (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Mar 01)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Tim (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
- Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)