oss-sec mailing list archives
Re: CVE request: linux kernel heap issues
From: Eugene Teo <eugene () redhat com>
Date: Tue, 25 Jan 2011 11:48:29 +0800
On 01/25/2011 05:46 AM, Kees Cook wrote:
Hello, I don't think these minor issues I reported to the Linux Kernel have had CVEs assigned to them: heap contents leak for CAP_NET_ADMIN via ethtool ioctl http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=b00916b189d13a615ff05c9242201135992fcda3
These require CAP_NET_ADMIN. CVE-2010-4655.
iowarrior usb device heap overflow http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3ed780117dbe5acb64280d218f0347f238dafed0
CVE-2010-4656. Eugene
Current thread:
- CVE request: linux kernel heap issues Kees Cook (Jan 24)
- Re: CVE request: linux kernel heap issues Kurt Seifried (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 27)
- Re: CVE request: linux kernel heap issues Eugene Teo (Jan 24)