[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] additional memory leak in USB userspace handling
From:       Eugene Teo <eugene () redhat ! com>
Date:       2010-02-18 16:11:13
Message-ID: 4B7D66A1.7040809 () redhat ! com
[Download RAW message or body]

On 02/17/2010 06:46 PM, Marcus Meissner wrote:
> Hi,
>
> a memory allocation leak (not information, just unfreed memory)
> was spotted and fixed by Linus during debugging of previous problem.
>
> On put_user() errors it would leak one "struct async" per REAPURB call.
>
> Fix is in commit ddeee0b2eec2a51b0712b04de4b39e7bec892a53, also
> attached.
>
> Affected code is also going back throughout 2.6 history.
>
> The issue is of less importance than the information leak fix, I am not
> sure if it deserves a CVE or not.

I was talking to Marcus about this. The attacker needs access to a USB 
device like the previous bug in order to exploit this.

Thanks, Eugene
-- 
Eugene Teo / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]