oss-sec mailing list archives
Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch
From: sfjro () users sourceforge net
Date: Sat, 19 Sep 2015 07:08:18 +0900
sfjro () users sourceforge net:
Ben Hutchings:The aufs (Advanced Union Filesystem) project provides an optional patch for the Linux kernel, called either aufs3-mmap.patch or:::I posted a patch here that works for me: http://sourceforge.net/p/aufs/mailman/message/34449209/ Please assign a CVE ID to this.I know this is a bug but I don't have time to fix it or test your patch.
:::
I have no objection to assign a CVE ID, but I don't think it is fixed or at least I didn't confirmt yet.
Mainly to oss-security people, FYI, I confirmed that Ben Hutchings' patch is correct and fixed the problem. Actually I've released aufs officially after applying his patch. J. R. Okajima
Current thread:
- CVE request: Use-after-free in Linux kernel with aufs mmap patch Ben Hutchings (Sep 10)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch sfjro (Sep 10)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch sfjro (Sep 18)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch Salvatore Bonaccorso (Sep 21)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch cve-assign (Sep 22)
- Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch sfjro (Sep 10)