From: Dan Carpenter <error27@xxxxxxxxx> Date: Mon, 10 Jan 2011 17:06:58 +0300 > Dan Rosenberg pointed out that there were some signed comparison bugs > in the phonet protocol. > > http://marc.info/?l=full-disclosure&m=129424528425330&w=2 > > The problem is that we check for array overflows but "protocol" is > signed and we don't check for array underflows. If you have already > have CAP_SYS_ADMIN then you could use the bugs to get root, or someone > could cause an oops by mistake. > > Signed-off-by: Dan Carpenter <error27@xxxxxxxxx> Applied. -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
