oss-sec mailing list archives

Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs

From: Solar Designer <solar () openwall com>
Date: Thu, 7 Mar 2013 13:19:05 +0400

Kurt -

On Thu, Mar 07, 2013 at 02:13:37AM -0700, Kurt Seifried wrote:

Bundling the following into a single CVE:

[...]

Please use CVE-2012-6138 for these issues.


I think this is wrong.  I would understand if those issues were all in
the same subsystem at least (or if you assigned per-subsystem CVE IDs
for these), but this is not the case.  Many distros will fix some, but
not the others, or not all at the same time.  There's room for a little
bit of bundling here, but not that much.

Alexander

Current thread:

CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Mathias Krause (Mar 05)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 06)
  - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Mathias Krause (Mar 06)
- Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 07)
  - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Solar Designer (Mar 07)
    - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 07)
    - RE: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Christey, Steven M. (Mar 07)
    - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Solar Designer (Mar 07)
    - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Petr Matousek (Mar 07)
    - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Kurt Seifried (Mar 07)
    - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs Thomas Biege (Mar 08)
  - Re: CVE Requests (maybe): Linux kernel: various info leaks, some NULL ptr derefs cve-assign (Mar 14)