Date: Fri, 22 Apr 2011 21:12:38 +0400 From: Vasiliy Kulikov <segoon@...nwall.com> To: akuster <akuster@...sta.com> Cc: oss-security@...ts.openwall.com, Petr Matousek <pmatouse@...hat.com> Subject: Re: CVE request: kernel: buffer overflow and DoS issues in agp On Fri, Apr 22, 2011 at 06:15 -1000, akuster wrote: > I am a bit confused. > > https://bugzilla.redhat.com/show_bug.cgi?id=698999 references > https://lkml.org/lkml/2011/4/14/294 > > which is assigned to CVE-2011-1746 not CVE-2011-1747. > > is there a patch for CVE-2011-1747? No. The problem of CVE-2011-1747 is mentioned in the patch fixing CVE-2011-1746 because the patch tries to fix a similar problem - OOM. CVE-2011-1747 is not fixed yet. > >> Please use CVE-2011-1747. > > > > In https://bugzilla.redhat.com/show_bug.cgi?id=698999 it is said > > "Reference and patch:", but there is no patch for the issue (as I said > > in the patch description). I have no agp hardware and I cannot test > > whether forcing the requested pid to the current pid is a good idea (it > > might not). -- Vasiliy Kulikov http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ