Re: [oss-security] CVE Request: kernel [Re: Security review of 2.6.32.28]

2011-01-06 Thread Josh Bressers
> > [03/49] fuse: verify ioctl retries
> > Kernel buffer overflow, but only CUSE servers could exploit it and
> > /dev/cuse is normally restricted to root.
>
> Upstream fix:
> http://git.kernel.org/linus/7572777eef78ebdee1ecb7c258c0ef94d35bad16
> Introduced in 2.6.29.

Please use CVE-2010-4650

CVE Request: kernel [Re: Security review of 2.6.32.28]

2011-01-06 Thread dann frazier
On Thu, Jan 06, 2011 at 01:05:47AM +, Ben Hutchings wrote:
> These are the patches that looked security-relevant, from a fairly quick
> review:

Thanks for the review Ben! Steve, can you assign CVEs for the following issues?

> [03/49] fuse: verify ioctl retries
> Kernel buffer overflow, but on

Security review of 2.6.32.28

2011-01-05 Thread Ben Hutchings
These are the patches that looked security-relevant, from a fairly quick review:

[03/49] fuse: verify ioctl retries
Kernel buffer overflow, but only CUSE servers could exploit it and /dev/cuse is normally restricted to root.

[16/49] IB/uverbs: Handle large number of entries in poll CQ
Fixes integ