oss-sec mailing list archives
Re: CVE request-HUAWEI P8 GRA-UL00
From: Fabio Olive Leite <fleite () redhat com>
Date: Mon, 16 Nov 2015 11:16:15 -0200
On Monday 16 November 2015 15:56:52 Solar Designer wrote:
It is unclear whether this makes the vulnerability detail ...
Is it really a vulnerability? All the code does is read 4 bytes from a proc file, and reads that into address 0 in the process, which will very likely kill it unless that page is mapped somehow, which the code does not make any attempt to. Is the OP mistaking a crashed userlevel process with a system-wide crash? Cheers, -- Fábio Olivé Leite, Red Hat Product Security F1C1 1876 3922 1906 6631 0C31 92A5 9276 250D 8380
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE request-HUAWEI P8 GRA-UL00 郭永刚 (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Solar Designer (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Fabio Olive Leite (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Shawn (Nov 16)
- Re: CVE request-HUAWEI P8 GRA-UL00 Solar Designer (Nov 16)