|
Message-ID: <5135CAAD.7030504@redhat.com> Date: Tue, 05 Mar 2013 03:36:29 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: P J P <ppandit@...hat.com> Subject: Re: CVE request: Linux kernel: xfs: _xfs_buf_find NULL pointer dereference -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/05/2013 03:08 AM, P J P wrote: > Hello, > > Linux kernel built with support for XFS file system is vulnerable > to a NULL pointer dereference flaw. This occurs while accessing > blocks beyond the end of the file system, possibly on a corrupted > device. > > A user able to mount the file system could use this flaw to crash > the kernel, resulting in DoS. > > Upstream fix: ------------- -> > https://git.kernel.org/linus/eb178619f930fa2ba2348de332a1ff1c66a31424 > > Reference: ---------- -> > https://bugzilla.redhat.com/show_bug.cgi?id=918009 > > Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A > 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B Please use CVE-2013-1819 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRNcqsAAoJEBYNRVNeJnmTNWAP/iVgzKLALr90GoEczhWQXMWt xFE/DyzNpjR1qm3S3gPJ2MUozGYX4UgF6+68F3dpJJY85woXY0k40rdK8KPctlfE 5dVHOeSAVxvEV0SfEK0rT6+L1KD5rCjnoOR1l2QyCYX2Qww04PLOIN/uZlJeEklY BjdZ6JueSQfyJNaCBpDyURwpY1GNk69TpHJ9+NHcOJ/BmsspVcMN5aOd4XN94U8M 0D3s5mWj8hBsoPLFziNanFbJJNHZx6PrJoQyNwr6XOoGD3AwlhIUgVtHERMyxGxF wh3d1GdSqWhjPvrFr1DlQD0Pi4h5Pgp0YwOetREpjzPaWzkIinvNTZwHmGTHGNVL 2U36DFi/N67xqZgZ+isRdIl1LsEuLueUJlZB813iYbG1mRQpCyZ/5nX5uliwqAlX mO7mg1Nj1mgvjFrb7M8wRU9tW1es364u6Rproa7qx2BATrfvqZMUPFDW3xGBVTqA fqIpgLjvYq+DXTJPGAPN1R9sP3kFtoudh1UzYeoTu20cEJhpThSoRLsHQWTZFaOB RW5QVs0MQphxRvGjCL/DsLRad6Ofv7C18NUpeOE6E4rYX7OzfUDEiQcfD5P++PkZ 1U46TLXlfZlSFv6Ba/OzDrRuKJrY3VHBe7voIb/0iyfTEyundsGlvSd/o8afSvs3 Kml2h0N0OZMp2C/WXIs8 =8keL -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.