On Fri, Dec 01, 2017 at 01:46:07AM +0100, Jann Horn wrote:
> Check whether inputs from userspace are too long (explicit length field too
> big or string not null-terminated) to avoid out-of-bounds reads.
>
> As far as I can tell, this can at worst lead to very limited kernel heap
> memory disclosu
On Thu, Nov 30, 2017 at 11:08 PM, Jann Horn wrote:
> On Fri, Dec 1, 2017 at 5:04 AM, Willem de Bruijn wrote:
>> On Thu, Nov 30, 2017 at 7:46 PM, Jann Horn wrote:
>>> Check whether inputs from userspace are too long (explicit length field too
>>> big or string not null-terminated) to avoid out-
On Fri, Dec 1, 2017 at 5:04 AM, Willem de Bruijn wrote:
> On Thu, Nov 30, 2017 at 7:46 PM, Jann Horn wrote:
>> Check whether inputs from userspace are too long (explicit length field too
>> big or string not null-terminated) to avoid out-of-bounds reads.
>>
>> As far as I can tell, this can at wo
On Thu, Nov 30, 2017 at 7:46 PM, Jann Horn wrote:
> Check whether inputs from userspace are too long (explicit length field too
> big or string not null-terminated) to avoid out-of-bounds reads.
>
> As far as I can tell, this can at worst lead to very limited kernel heap
> memory disclosure or oop
Check whether inputs from userspace are too long (explicit length field too
big or string not null-terminated) to avoid out-of-bounds reads.

As far as I can tell, this can at worst lead to very limited kernel heap
memory disclosure or oopses.
This bug can be triggered by an unprivileged user even