Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4DA27B9F.8010605@redhat.com>
Date: Mon, 11 Apr 2011 11:55:11 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: Josh Bressers <bressers@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE-2011-1479 (was Re: CVE request: kernel: inotify
 memory leak)

On 04/11/2011 11:32 AM, Eugene Teo wrote:
> On 11/24/2010 09:17 PM, Josh Bressers wrote:
>>
>> ----- "Eugene Teo"<eugene@...hat.com> wrote:
>>
>>> Reported by Vegard Nossum, if inotify_init is unable to allocate a new
>>>
>>> file for the new inotify group we leak the new group.
>>>
>>> Reproducer: http://lkml.org/lkml/2010/11/23/418 (this test case is
>>> only
>>> relevant if c44dcc56 (v2.6.34-rc1) is backported)
>>>
>>> Issue was introduced in 63c882a0 (v2.6.31-rc1).
>>>
>>> https://bugzilla.redhat.com/656830
>>
>> Please use CVE-2010-4250
>
> A regression was found. We assigned it with CVE-2011-1479. Fix for it
> can be found at: http://git.kernel.org/linus/d0de4dc5. More info here:
> https://bugzilla.redhat.com/CVE-2011-1479.

Repost just to make the subject clearer.

Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.