| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201101131432.58059.remi.denis-courmont@nokia.com> Date: Thu, 13 Jan 2011 14:32:57 +0200 From: "Rémi Denis-Courmont" <remi.denis-courmont@...ia.com> To: error27@...il.com, dan.j.rosenberg@...il.com Cc: netdev@...r.kernel.org, kernel-janitors@...r.kernel.org Subject: Re: [patch v2] phonet: some signedness bugs On Tuesday 11 January 2011 02:06:20 ext David Miller, you wrote: > From: Dan Carpenter <error27@...il.com> > Date: Mon, 10 Jan 2011 17:06:58 +0300 > > > Dan Rosenberg pointed out that there were some signed comparison bugs > > in the phonet protocol. > > > > http://marc.info/?l=full-disclosure&m=129424528425330&w=2 > > > > The problem is that we check for array overflows but "protocol" is > > signed and we don't check for array underflows. If you have already > > have CAP_SYS_ADMIN then you could use the bugs to get root, or someone > > could cause an oops by mistake. > > > > Signed-off-by: Dan Carpenter <error27@...il.com> > > Applied. Shouldn't this be sent to stable trees? -- Rémi Denis-Courmont Nokia Devices R&D, Maemo Software, Helsinki -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists