oss-sec mailing list archives
Re: CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function
From: Petr Matousek <pmatouse () redhat com>
Date: Thu, 25 Jun 2015 12:44:47 +0200
On Thu, Jun 25, 2015 at 06:42:41AM -0400, cve-assign () mitre org wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1Doesn't this fall under different code base?No. There would be separate CVE IDs if it were a conceptually identical vulnerability in different code found in different codebases. We do not assign multiple CVE IDs to the same vulnerability in the same piece of code, regardless of how or why that code has been copied into different projects. This is a case with reuse of an entire substantial function: the function name is the same, the code structure is the same, names of variables and structure members are largely the same, etc. The reuse extends to pit_ioport_write as well.
Fair enough. Thanks, -- Petr Matousek / Red Hat Product Security PGP: 0xC44977CA 8107 AF16 A416 F9AF 18F3 D874 3E78 6F42 C449 77CA
Current thread:
- CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function Petr Matousek (Jun 25)
- Re: CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function cve-assign (Jun 25)
- Re: CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function Petr Matousek (Jun 25)
- Re: CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function cve-assign (Jun 25)
- Re: CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function Petr Matousek (Jun 25)
- Re: CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function Petr Matousek (Jun 25)
- Re: CVE request -- Linux kernel - kvm: x86: out-of-bounds memory access in pit_ioport_read function cve-assign (Jun 25)