Re: [oss-security] Re: [PATCH] acpi: debugfs: fix buffer overflows, double free

----- Original Message -----
> On 01/23/2011 04:13 AM, Steven M. Christey wrote:
> >
> > On Fri, 21 Jan 2011, Eugene Teo wrote:
> >
> >> On 01/21/2011 04:08 AM, Vasiliy Kulikov wrote:
> >>> File position is not controlled, it may lead to overwrites of
> >>> arbitrary
> >>> kernel memory. Also the code may kfree() the same pointer multiple
> >>> times.
> >>
> >> http://lkml.org/lkml/2011/1/20/348
> >> https://bugzilla.redhat.com/CVE-2011-0023
> >>
> >> Please use CVE-2011-0023 (this does not include the unresolved flaw
> >> described in the following paragraph below).
> >
> > There seem to be 2 types of issues described above - the
> > uncontrolled
> > file position / memory overwrite, and a "double free". So there
> > should
> > probably be 2 separate CVEs, not one. Am I missing something?
>
> Sorry about it. Please see http://seclists.org/oss-sec/2011/q1/106.
>

Eugene, does the "unresolved flaw" still need an ID? This thread now
confuses me.

Thanks.

-- JB

• This message: [ Message body ]
• Next message: Vasiliy Kulikov: "[oss-security] Re: [PATCH] acpi: debugfs: fix buffer overflows, double free"
• Previous message: Josh Bressers: "Re: [oss-security] CVE request: xpdf"
• In reply to: Eugene Teo: "Re: [oss-security] Re: [PATCH] acpi: debugfs: fix buffer overflows, double free"
• Next in thread: Eugene Teo: "Re: [oss-security] Re: [PATCH] acpi: debugfs: fix buffer overflows, double free"
• Reply: Eugene Teo: "Re: [oss-security] Re: [PATCH] acpi: debugfs: fix buffer overflows, double free"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]