List:       oss-security
Subject:    Re: [oss-security] CVE request: kernel: remote buffer overflow in
From:       Eugene Teo <eugene () redhat ! com>
Date:       2011-06-27 3:22:36
Message-ID: 4E07F77C.7070301 () redhat ! com

On 06/25/2011 07:15 AM, Dan Rosenberg wrote:
> A remote user can provide a small value for the command size field in
> the command header of an l2cap configuration request, resulting in an
> integer underflow when subtracting the size of the configuration request
> header.  This results in copying a very large amount of data via
> memcpy() and destroying the kernel heap. [1]
> 
> -Dan
> 
> [1] http://marc.info/?l=linux-kernel&m=130891911909436&w=2

Please use CVE-2011-2497.

Eugene
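
The length arithmetic described in the quoted report, shown as an added example that is not part of the original message and is not the kernel's code. It is a user-space C model: the struct, the function names, and the header and buffer sizes are all assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space model; every name and size below is an assumption, not kernel code. */
enum { CONF_REQ_HDR_LEN = 4, CONF_BUF_LEN = 64 };

struct conf_state {
    uint8_t buf[CONF_BUF_LEN];  /* accumulated configuration options */
    size_t  used;               /* bytes of buf already filled */
};

/* Unchecked arithmetic: the byte count memcpy() would receive. */
size_t unchecked_copy_len(uint16_t cmd_len)
{
    int len = cmd_len - CONF_REQ_HDR_LEN;  /* negative when cmd_len < header size */
    return (size_t)len;                    /* as size_t, -2 becomes SIZE_MAX - 1 */
}

/* Checked form. Caller guarantees cmd points at cmd_len received bytes.
 * Returns 0 on success, -1 when the request must be rejected. */
int append_conf_checked(struct conf_state *st, const uint8_t *cmd, uint16_t cmd_len)
{
    size_t len;

    if (cmd_len < CONF_REQ_HDR_LEN)
        return -1;                         /* shorter than its own header */
    len = (size_t)(cmd_len - CONF_REQ_HDR_LEN);
    if (len > sizeof(st->buf) - st->used)
        return -1;                         /* would overrun the destination */
    memcpy(st->buf + st->used, cmd + CONF_REQ_HDR_LEN, len);
    st->used += len;
    return 0;
}

int main(void)
{
    /* Constructed sample: 4 header bytes followed by 8 option bytes. */
    const uint8_t pkt[12] = {0, 0, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8};
    struct conf_state st = {{0}, 0};
    int rc;

    printf("cmd_len=2 unchecked copy length: %zu\n", unchecked_copy_len(2));
    printf("cmd_len=2 checked: %d\n", append_conf_checked(&st, pkt, 2));
    rc = append_conf_checked(&st, pkt, 12);
    printf("cmd_len=12 checked: %d, used=%zu\n", rc, st.used);
    return 0;
}
```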