oss-sec mailing list archives
Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook
From: <zrlw () sina com>
Date: Wed, 11 Jul 2018 09:02:52 +0800
yes, i found the pl and sent to the maintainer mchehab () kernel org and linux-media mail list linux-media () vger kernel org last week, the last one boudanced me with something like 'Your address is not liked source for email' blah... i don't have Sony Vaio PictureBook, so i just check the souces and docs again. /usr/src/packages/BUILD/kernel-default-4.4.21/linux-4.4/Documentation/video4linux/v4l2-framework.txt: 'The v4l2_file_operations struct is a subset of file_operations. The main difference is that the inode argument is omitted since it is never used.' # ls /dev/video0crw-rw---- 1 root video 81, 0 Jul 11 08:14 /dev/video0 commit be83bbf80682 file_mmap_size_max check conditions:1. S_ISREG(inode->i_mode) 2. S_ISBLK(inode->i_mode)3. file->f_mode & FMODE_UNSIGNED_OFFSET I doubt which one will be true. ----- Original Message ----- From: Greg KH <greg () kroah com> To: oss-security () lists openwall com, zrlw () sina com Cc: Solar Designer <solar () openwall com> Subject: Re: [oss-security] mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook Date: 2018-07-10 21:41 On Sat, Jul 07, 2018 at 12:09:37AM +0800, zrlw () sina com wrote:
I sent a email to the original authors which i found in the head of meye.c, but i don't receive any response util now.
Always use the scripts/get_maintainer.pl tool to find who to send stuff like this to. It will include a public mailing list or two.
I don't think commit be83bbf80682 will work on this case, this driver derived from v4l2-core which not use inode, maybe i'm wrong.
I think you are wrong, but it would be great if you could test to verify it or not. thanks, greg k-h
Current thread:
- mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook zrlw (Jul 06)
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook Greg KH (Jul 06)
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook Solar Designer (Jul 06)
- <Possible follow-ups>
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook zrlw (Jul 06)
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook Greg KH (Jul 10)
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook zrlw (Jul 11)
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook zrlw (Jul 11)
- Re: Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook Greg KH (Jul 11)
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook Greg KH (Jul 10)
- Re: mmap vulnerability in motion eye video4linux driver for Sony Vaio PictureBook Greg KH (Jul 06)