'Re: [oss-security] CVE-2011-4110 kernel: keys: NULL pointer deref'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-2011-4110 kernel: keys: NULL pointer deref
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2011-11-22 4:08:14
Message-ID: 4ECB202E.60607 () redhat ! com
[Download RAW message or body]

On 11/21/2011 02:26 PM, Kurt Seifried wrote:
> On 11/21/2011 10:51 AM, Petr Matousek wrote:
>> There is a NULL pointer deref in the user-defined key type whereby
>> updating a negative key into a fully instantiated key will cause
>> an oops to occur when the code attempts to free the non-existent
>> old payload.
>>
>> Upstream commit:
>> 9f35a33b8d06263a165efe3541d9aa0cdbd70b3b
>>
>> References:
>> https://lkml.org/lkml/2011/11/15/363
>> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4110
>>
>> Thanks,
> Please use CVE-2011-4331 for this issue.
>
I failed to read the subject line and need to go to remedial reading
classes. Please reject CVE-2011-4331

-- 

-Kurt Seifried / Red Hat Security Response Team

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic