On Thu, Jun 19, 2008 at 3:32 PM, Tomas Winkler <tomasw@xxxxxxxxx> wrote:
> On Fri, Jun 20, 2008 at 1:04 AM, David Miller <davem@xxxxxxxxxxxxx> wrote:
>> From: "Tomas Winkler" <tomasw@xxxxxxxxx>
>> Date: Thu, 19 Jun 2008 23:29:55 +0300
>>
>>> On Thu, Jun 19, 2008 at 11:18 PM, Johannes Berg
>>> <johannes@xxxxxxxxxxxxxxxx> wrote:
>>> >
>>> >> >> + if (country_ie_len < 6) {
>>> >> >> + printk(KERN_ERR "%s: country information element shorter (%d)"
>>> >> >> + " than expected.\n", __func__, country_ie_len);
>>> >> >
>>> >> > Remotely exploitable security bug.
>>> >
>>> >> Please explain,
>>> >
>>> > Sending broken frames will fill the disk.
>>>
>>> I see thanks (yeah, distors doesn't make separate log partitions as default)
>>
>> How distros do their partitioning is neither here not there. And even
>> if they make a seperate log partition, that means it's still exploitable
>> in that you will no longer get the other non-spam log messages that might
>> be important to know about.
>>
>> Any kernel log message triggerable remotely without any kind of rate
>> limiting is a bug.
>
> Will keep in mind
Hey Tomas,
Just wondering if you have some second version of these patches we can review?
Luus
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
