Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2034463843.706117.1308150099671.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com>
Date: Wed, 15 Jun 2011 11:01:39 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: alpha: fix several security
 issues

----- Original Message -----
> https://lkml.org/lkml/2011/6/11/87; from Dan Rosenberg.
> 
> 1. Signedness issue in osf_getdomainname allows copying out-of-bounds
> kernel memory to userland.

CVE-2011-2208


> 
> 2. Signedness issue in osf_sysinfo allows copying large amounts of
> kernel memory to userland.

CVE-2011-2209


> 
> 3. Typo (?) in osf_getsysinfo bounds minimum instead of maximum copy
> size, allowing copying large amounts of kernel memory to userland.

CVE-2011-2210


> 
> 4. Usage of user pointer in osf_wait4 while under KERNEL_DS allows
> privilege escalation via writing return value of sys_wait4 to kernel
> memory.

CVE-2011-2211

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.