| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20121024145655.7db21d20.akpm@linux-foundation.org> Date: Wed, 24 Oct 2012 14:56:55 -0700 From: Andrew Morton <akpm@...ux-foundation.org> To: Kees Cook <keescook@...omium.org> Cc: linux-kernel@...r.kernel.org, Michal Marek <mmarek@...e.cz>, Brad Spengler <spender@...ecurity.net>, PaX Team <pageexec@...email.hu> Subject: Re: [RESEND][PATCH] gen_init_cpio: avoid stack overflow when expanding On Wed, 24 Oct 2012 14:53:33 -0700 Kees Cook <keescook@...omium.org> wrote: > > Well, I do think that a description of the user impact of the bug > > should be included in the changelog so that poor old Greg can work out > > why we sent it at him. > > > > If you can suggest some suitable text I can copy-n-slurp that into the > > changelog. > > How about replacing the first paragraph with: > > Fix possible overflow of the buffer used for expanding environment > variables when building file list. In the extremely unlikely case of > an attacker having control over the environment variables visible to > gen_init_cpio, control over the contents of the file gen_init_cpio > parses, and gen_init_cpio was built without compiler hardening, the > attacker can gain arbitrary execution control via a stack buffer > overflow. ooh, spiffy - even I understood that! -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists