oss-sec mailing list archives
Re: CVE request -- Linux kernel irda driver buffer overflow
From: Mark J Cox <mjc () redhat com>
Date: Tue, 27 Jan 2009 07:46:27 +0000 (GMT)
A buffer overflow has been recently fixed in the Linux kernel irda driver.
This doesn't seem to have any security implications; it's a single null byte overflow that happens all the time (not under control of an attacker), and from looking at the function that null byte isn't going to overwrite anything that would lead to a security consequence.
So it looks to me like a bug, no CVE. Thanks, Mark -- Mark J Cox / Red Hat Security Response Team
Current thread:
- CVE request -- Linux kernel irda driver buffer overflow Miklos Vajna (Jan 26)
- Re: CVE request -- Linux kernel irda driver buffer overflow Mark J Cox (Jan 26)
- Re: CVE request -- Linux kernel irda driver buffer overflow Miklos Vajna (Jan 27)
- Re: CVE request -- Linux kernel irda driver buffer overflow Mark J Cox (Jan 26)
