oss-sec mailing list archives

Re: CVE requests for three Linux kernel issues

From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 19 Nov 2013 21:58:50 +0100

Hi,

On Tue, Nov 19, 2013 at 09:14:14PM +0100, Moritz Muehlenhoff wrote:

"x90c" reported four kernel issues on f-d. One already has a CVE ID assigned,
can you please assign one for the remainders?


we've requested only one CVE to be assigned because the rest are
non-issues. Prasad (CC'ed) can provide reasons why.


XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption
  http://seclists.org/fulldisclosure/2013/Nov/139

XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow
  http://seclists.org/fulldisclosure/2013/Nov/126

XADV-2013004 Linux Kernel ipvs Kernel Stack Overflow
  http://seclists.org/fulldisclosure/2013/Nov/77
-> This was already assigned CVE-2013-4588

XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow 
  http://seclists.org/fulldisclosure/2013/Nov/75

Cheers,
        Moritz


Thanks,
-- 
Petr Matousek / Red Hat Security Response Team
PGP: 0xC44977CA 8107 AF16 A416 F9AF 18F3  D874 3E78 6F42 C449 77CA

Current thread:

CVE requests for three Linux kernel issues Moritz Muehlenhoff (Nov 19)
- Re: CVE requests for three Linux kernel issues Petr Matousek (Nov 19)
  - Re: CVE requests for three Linux kernel issues P J P (Nov 19)
    - Re: CVE requests for three Linux kernel issues Daniel Borkmann (Nov 20)