Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 04 Nov 2010 17:59:24 +0800
From: Eugene Teo <>
CC: Dan Rosenberg <>
Subject: Re: CVE request: kernel: CAN information leak

On 11/04/2010 06:19 AM, Dan Rosenberg wrote:
> The CAN protocol uses the address of a kernel heap object as a proc
> filename, revealing information that could be useful during
> exploitation.
> The below post also mentions a heap overflow.  While there is a
> semantic overflow (17 bytes being copied into a 9-byte buffer), in
> reality, the object whose member is being overflowed resides in a
> kernel heap slab cache that includes enough padding that there is no
> possible corruption.  So, it's a bug but not a vulnerability.
> Reference:

Please use CVE-2010-3874.

Thanks, Eugene
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ