oss-sec mailing list archives
incomplete fix for CVE-2014-4611: kernel: integer overflow in lz4_uncompress
From: Marcus Meissner <meissner () suse de>
Date: Tue, 19 Aug 2014 15:08:32 +0200
Hi,

Jan Beulich writes in our bug for CVE-2014-4611:

https://bugzilla.novell.com/show_bug.cgi?id=883949#c12

Jan Beulich <jbeulich () suse com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jbeulich () suse com

--- Comment #12 from Jan Beulich <jbeulich () suse com> 2014-08-15 21:42:33 UTC ---
Except that it has been determined quite some time ago that all three fixes
having gone in upstream so far don't really fix anything. I posted a patch that
I think actually addresses the issue (https://lkml.org/lkml/2014/7/4/288), but
till now no-one cared to comment on it, apply it, or point out what's still
wrong, despite the ping 3 weeks later (https://lkml.org/lkml/2014/7/25/23). It
was - instead of the insufficient Linux ones - in fact meanwhile applied to the
Xen clone of that code.

Perhaps the kernel folks want to look at it again if they missed it so far.

Ciao, Marcus