Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.GSO.4.51.0909162132180.7046@faron.mitre.org>
Date: Wed, 16 Sep 2009 21:32:26 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: perf_counter: Fix buffer
 overflow in perf_copy_attr()


======================================================
Name: CVE-2009-3234
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3234
Reference: MLIST:[linux-kernel] 20090916 [patch 15/45] perf_counter: Fix buffer overflow in perf_copy_attr()
Reference: URL:http://article.gmane.org/gmane.linux.kernel/890654
Reference: MLIST:[oss-security] 20090916 CVE request: kernel: perf_counter: Fix buffer overflow in perf_copy_attr()
Reference: URL:http://www.openwall.com/lists/oss-security/2009/09/16/1
Reference: BID:36423
Reference: URL:http://www.securityfocus.com/bid/36423

Buffer overflow in the perf_copy_attr function in
kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local
users to cause a denial of service (crash) via a "big size data" to
the perf_counter_open system call.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.