Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 3 Apr 2009 09:46:09 +0000 (UTC)
From: security curmudgeon <>
Subject: Re: CVE request -- Linux kernel irda driver buffer

Previous discussion:

Mark Cox ruled "doesn't seem to have any security implications". Since 
then, 3rd party analysis suggests it still may in a different manner:


This could lead to information leak if request_firmware() gives some kind 
of output but I havent checked this.



Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.