+-- On Tue, 5 Sep 2017, Thomas Garnier wrote --+
| Btw, can you open a CVE for that? (and reference it in the commit).
Done; Sent revised patch v1.
Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
On Tue, Sep 5, 2017 at 10:49 AM, P J P wrote:
> From: Prasad J Pandit
>
> While loading kernel via multiboot-v1 image, (flags & 0x0001)
> indicates that multiboot header contains valid addresses to load
> the kernel image. These addresses are used to compute kernel
> size and kernel text offs
On Tue, Sep 5, 2017 at 11:12 AM, Thomas Garnier wrote:
> On Tue, Sep 5, 2017 at 10:49 AM, P J P wrote:
>> From: Prasad J Pandit
>>
>> While loading kernel via multiboot-v1 image, (flags & 0x0001)
>> indicates that multiboot header contains valid addresses to load
>> the kernel image. These a
From: Prasad J Pandit
While loading kernel via multiboot-v1 image, (flags & 0x0001)
indicates that multiboot header contains valid addresses to load
the kernel image. These addresses are used to compute kernel
size and kernel text offset in the OS image. Validate these
address values to avoid
