Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 22 Apr 2011 21:12:38 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: akuster <akuster@...sta.com>
Cc: oss-security@...ts.openwall.com, Petr Matousek <pmatouse@...hat.com>
Subject: Re: CVE request: kernel: buffer overflow and DoS
 issues in agp

On Fri, Apr 22, 2011 at 06:15 -1000, akuster wrote:
> I am a bit confused.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=698999 references
> https://lkml.org/lkml/2011/4/14/294
> 
>  which is assigned to CVE-2011-1746 not CVE-2011-1747.
> 
> is there a patch for CVE-2011-1747?

No.  The problem of CVE-2011-1747 is mentioned in the patch fixing
CVE-2011-1746 because the patch tries to fix a similar problem - OOM.

CVE-2011-1747 is not fixed yet.


> >> Please use CVE-2011-1747.
> > 
> > In https://bugzilla.redhat.com/show_bug.cgi?id=698999 it is said
> > "Reference and patch:", but there is no patch for the issue (as I said
> > in the patch description).  I have no agp hardware and I cannot test
> > whether forcing the requested pid to the current pid is a good idea (it
> > might not).

-- 
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ