Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 15 Mar 2011 16:58:35 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE Request: kernel: fs/partitions: Corrupted
 OSF partition table can cause information disclosure

Please use CVE-2011-1163.

Thanks.

-- 
    JB

----- Original Message -----
> The kernel automatically evaluates partition tables of storage
> devices.
> The code for evaluating OSF partitions (in fs/partitions/osf.c)
> contains a bug that leaks data from kernel heap memory to userspace
> for
> certain corrupted OSF partitions.
> 
> See http://www.spinics.net/lists/mm-commits/msg82737.html for a patch.
> 
> Cheers, Timo
> 
> --
> Dr. Timo Warns warns@...-sense.de
> Tel. +49 - 40 - 244 2407 - 16
> Fax +49 - 40 - 244 2407 - 24
> PRESENSE Technologies GmbH Sachsenstr. 5, D-20097 HH
> USt-IdNr.: DE263765024
> Geschäftsführer/Managing Directors AG Hamburg, HRB 107844
> Till Dörges Jürgen Sander Axel Theilmann

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ