On Tue, Apr 26, 2016 at 2:01 PM, Shawn Webb <shawn.w...@hardenedbsd.org> wrote: > On Tue, Apr 26, 2016 at 08:36:32PM +0000, Kristof Provost wrote: >> Author: kp >> Date: Tue Apr 26 20:36:32 2016 >> New Revision: 298664 >> URL: https://svnweb.freebsd.org/changeset/base/298664 >> >> Log: >> msdosfs: Prevent buffer overflow when expanding win95 names >> >> ... > > Will this be MFC'd? Since it's triggerable as non-root, should this have > a CVE? Though the commit log shows technical comments, it doesn't show > related security information.
Is it triggerable as non-root? Don't you need to write a malicious filesystem image and persuade FreeBSD to mount it? Best, Conrad _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
