Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request - Linux kernel: VFAT slab-based buffer overflow
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 26 Feb 2013 23:29:10 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/26/2013 02:38 PM, Yves-Alexis Perez wrote:
On mar., 2013-02-26 at 14:05 -0700, Kurt Seifried wrote:
The problem with security is you have to basically do it 100% 
correctly 100% of the time

You can also look at other, more proactives approaches (hardening
the memory layout, enforcing W^X etc.). Even hardening userland
might help here.

I was referring to security process, not security technology, sorry I
should have been more clear.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRLae2AAoJEBYNRVNeJnmTFicP/R1mzoiCLtPWlwy9JEDJuYK6
/K1p7UD1CmxyFdP/tkNoDDjv9QSIqw4Savg0hD1nvpYR/Wm7nB4006dkDCNRZVXr
XcgwKRKMHbX6cDLRONOLrCgplAnq+QR5A8V3hqpnRyRLq/OFvbuQO9JaKkM8t4+u
J1tip7qgZyTFtC5E5h47L3DoCTnb7+r3xF77lnuXn3xRrH1zWogKS/1rhsGURH5Z
7lbITT5yjaOoKENZnllYGXBOcaadgnJ8j0TobTrPTLEUZJyjgB5Lh6KM9QFzQ4VZ
lrKwyfc0+vt72ATd1650c7GBvQKXQanWLsONmqx90Kx1JXXQK5ubTWzPAkO7BS8f
9P8BJT0vGrUIgBNvUKQipbiDVJqoLmcNmwdMTEJBN67Vti+H8UHI7WuM6XJrqvGX
oygDGsJGqcU2vsS0SPtM0scoA74zVLv3N8Z74iRcDytEJmcosUcxmMpDIQ25tWDc
CpFPKTGY/2ioBvZRIo/Q7Unbsxuh+QfmHqDy2uPg7ABnzpAo60Awof17mN3F/OcE
jXTui92H7ylfePok3jS9GML68LHM0Ajcy9LbENT22q7QtNSj7sXFAtQNjHYWOxBL
6dId7Zuk3TdVA9dtjirhkMXe+3ezTq98tyP5bXgBToImXRVf56b6ukcZtvhg0LrU
XO/mTbiIdJ8nhIz6jA67
=1I97
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]