Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 11 Nov 2008 13:19:52 +0800
From: "Eugene Teo" <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
Cc: coley@...re.org
Subject: CVE request: kernel: libertas: fix buffer overrun

Hi,

We need a CVE name for this issue. This was committed in upstream
kernel recently.

"If somebody sends an invalid beacon/probe response, that can trash
the whole BSS descriptor. The descriptor is, luckily, large enough so
that it cannot scribble past the end of it; it's well above 400 bytes
long.

Upstream commit: 48735d8d8bd701b1e0cd3d49c21e5e385ddcb077

https://bugzilla.redhat.com/show_bug.cgi?id=470761
http://article.gmane.org/gmane.linux.kernel.wireless.general/23049

Thanks, Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.