Home page logo
/

oss-sec logo oss-sec mailing list archives

Please REJECT CVE-2011-1161
From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 11 Oct 2011 21:23:11 +0200

Patch for this CVE in its original form tried to limit TPM_PARAMSIZE to
the userspace buffer size. While this is still an unsolved problem
(because of the patch changes), with patches for CVE-2011-1160 and
CVE-2011-1162 applied this is a security hardening not a security flaw.
Please reject this as a dupe of CVE-2011-1160 and/or CVE-2011-1162.

References: 
https://github.com/torvalds/linux/commit/6b07d30a
https://bugzilla.redhat.com/show_bug.cgi?id=732629#c13
http://sourceforge.net/mailarchive/forum.php?thread_name=CAGyNYUPLbujZm0hq9rfBgXk-xw_xm1ofhe59yNkqEupdt5fUrg%40mail.gmail.com&forum_name=tpmdd-devel

Thank you,
-- 
Petr Matousek / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
  • Please REJECT CVE-2011-1161 Petr Matousek (Oct 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]