Re: old buffer overflow in moxa driver

From: dann frazier
Date: Tue May 01 2007 - 10:50:25 EST

Next message: James Bottomley: "Re: [PATCH] i386: init early_gdt_descr and idle task properly onvoyager"
Previous message: RafaÅ Bilski: "Re: 2.6.21: longhaul freq-scaling broken"
In reply to: Andres Salomon: "Re: old buffer overflow in moxa driver"
Next in thread: Alan Cox: "Re: old buffer overflow in moxa driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 01, 2007 at 04:29:27AM -0400, Andres Salomon wrote:
> Right; the lack of input checking is most definitely a bug. It's no
> longer a security issue, as a CAP_SYS_RAWIO check was added at some
> point to the code path, but it's still a bug.

I hadn't noticed this, but yes - the CAP_SYS_RAWIO check was added in
2.6.16.

--
dann frazier | HP Open Source and Linux Organization
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: James Bottomley: "Re: [PATCH] i386: init early_gdt_descr and idle task properly onvoyager"
Previous message: RafaÅ Bilski: "Re: 2.6.21: longhaul freq-scaling broken"
In reply to: Andres Salomon: "Re: old buffer overflow in moxa driver"
Next in thread: Alan Cox: "Re: old buffer overflow in moxa driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]