Hardy CVE-2010-3873, memory corruption in X.25 facilities parsing (V2)
Tim Gardner
tim.gardner at canonical.com
Tue Feb 1 18:16:22 UTC 2011
On 02/01/2011 11:00 AM, Kees Cook wrote:
> Hi Andy,
>
> On Tue, Feb 01, 2011 at 09:06:43AM -0800, Kees Cook wrote:
>> On Tue, Feb 01, 2011 at 02:41:26PM +0000, Andy Whitcroft wrote:
>>> Kees, I note that in v2.6.37 and later there is also this commit below,
>>> you might want to review for relevance here. It seems to prevent bad
>>> packets triggering panics.
>>>
>>> commit 5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f
>>> Author: Dan Rosenberg<drosenberg at vsecurity.com>
>>> Date: Fri Nov 12 12:44:42 2010 -0800
>>>
>>> x25: Prevent crashing when parsing bad X.25 facilities
>>
>> Yes, please. :)
>
> Actually, the above patch is for CVE-2010-4164
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4164
>
> -Kees
>
OK, then we'll get to it as we grind down the list.
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list