oss-sec mailing list archives

Re: CVE request -- Linux kernel irda driver buffer overflow


From: Mark J Cox <mjc () redhat com>
Date: Tue, 27 Jan 2009 07:46:27 +0000 (GMT)

A buffer overflow has been recently fixed in the Linux kernel irda
driver.

This doesn't seem to have any security implications; it's a single null byte overflow that happens all the time (not under control of an attacker), and from looking at the function that null byte isn't going to overwrite anything that would lead to a security consequence.

So it looks to me like a bug, no CVE.

Thanks, Mark
--
Mark J Cox / Red Hat Security Response Team


Current thread: