Re: old buffer overflow in moxa driver

On Tue, May 01, 2007 at 04:29:27AM -0400, Andres Salomon wrote:
> Right; the lack of input checking is most definitely a bug.  It's no
> longer a security issue, as a CAP_SYS_RAWIO check was added at some
> point to the code path, but it's still a bug.

I hadn't noticed this, but yes - the CAP_SYS_RAWIO check was added in
2.6.16.

-- 
dann frazier | HP Open Source and Linux Organization
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • old buffer overflow in moxa driver
    • From: dann frazier <[email protected]>
  • Re: old buffer overflow in moxa driver
    • From: Alan Cox <[email protected]>
  • Re: old buffer overflow in moxa driver
    • From: Jiri Slaby <[email protected]>
  • Re: old buffer overflow in moxa driver
    • From: Andres Salomon <[email protected]>

• Prev by Date: Re: 2.6.21: longhaul freq-scaling broken
• Next by Date: Re: [PATCH] i386: init early_gdt_descr and idle task properly on voyager
• Previous by thread: Re: old buffer overflow in moxa driver
• Next by thread: Re: old buffer overflow in moxa driver
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]