oss-sec mailing list archives

Re: [CVE request] systemd

From: Sebastian Krahmer <krahmer () suse de>
Date: Tue, 1 Oct 2013 11:55:59 +0200

On Tue, Oct 01, 2013 at 12:56:23PM +0530, Huzaifa Sidhpurwala wrote:

Hi All,

I would like to request CVE ids for 4 systemd issues.

1. systemd: Integer overflow, leading to heap-based buffer overflow by
processing native messages
https://bugzilla.redhat.com/show_bug.cgi?id=859051

2. systemd: TOCTOU race condition when updating file permissions and
SELinux security contexts
https://bugzilla.redhat.com/show_bug.cgi?id=859060


That sounds interesting. Do you have a patch for this one? I cannot
access the bug as is (at least I see no link to a real discussion
or patch-link).

thx,
Sebastian


-- 

~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer () suse de - SuSE Security Team

Current thread:

[CVE request] systemd Huzaifa Sidhpurwala (Oct 01)
- Re: [CVE request] systemd Sebastian Krahmer (Oct 01)
- Re: [CVE request] systemd Kurt Seifried (Oct 01)