oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Please REJECT CVE-2011-1161

From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 11 Oct 2011 21:23:11 +0200
Patch for this CVE in its original form tried to limit TPM_PARAMSIZE to
the userspace buffer size. While this is still an unsolved problem
(because of the patch changes), with patches for CVE-2011-1160 and
CVE-2011-1162 applied this is a security hardening not a security flaw.
Please reject this as a dupe of CVE-2011-1160 and/or CVE-2011-1162.

References: 
https://github.com/torvalds/linux/commit/6b07d30a
https://bugzilla.redhat.com/show_bug.cgi?id=732629#c13
http://sourceforge.net/mailarchive/forum.php?thread_name=CAGyNYUPLbujZm0hq9rfBgXk-xw_xm1ofhe59yNkqEupdt5fUrg%40mail.gmail.com&forum_name=tpmdd-devel

Thank you,
-- 
Petr Matousek / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: