[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation

On Fri, 2007-12-14 at 13:55 -0500, Jarod Wilson wrote:
> Alex Williamson wrote:
> > On Fri, 2007-12-14 at 15:52 +0900, Kouya Shimura wrote:
> >> Hi,
> >>
> >> The reputation of my previous patch was not so good,
> >> then I rewrote it. An attached patch is temporary fix
> >> for xen-3.2.
> 
> Anyone know offhand if this vulnerability exists in xen 3.1.x as well? 
> (As in, is this something a certain vendor shipping a xen 3.1.x codebase 
> needs to pull into their own tree ASAP? :)

   Yes, I believe the exposure is there too.  I was planning to port it
to the 3.1 tree once it's in the mainline.  It looks very straight
forward, just omit the chunk updating pal_brand_info since that didn't
exist back then.  Thanks,

        Alex

-- 
Alex Williamson                             HP Open Source & Linux Org.


_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.