|
Message-ID: <4DA27647.3010400@redhat.com> Date: Mon, 11 Apr 2011 11:32:23 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: Josh Bressers <bressers@...hat.com>, "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request: kernel: inotify memory leak On 11/24/2010 09:17 PM, Josh Bressers wrote: > > ----- "Eugene Teo"<eugene@...hat.com> wrote: > >> Reported by Vegard Nossum, if inotify_init is unable to allocate a new >> >> file for the new inotify group we leak the new group. >> >> Reproducer: http://lkml.org/lkml/2010/11/23/418 (this test case is >> only >> relevant if c44dcc56 (v2.6.34-rc1) is backported) >> >> Issue was introduced in 63c882a0 (v2.6.31-rc1). >> >> https://bugzilla.redhat.com/656830 > > Please use CVE-2010-4250 A regression was found. We assigned it with CVE-2011-1479. Fix for it can be found at: http://git.kernel.org/linus/d0de4dc5. More info here: https://bugzilla.redhat.com/CVE-2011-1479. Thanks, Eugene -- main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.