| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Hi, folks |
| 5 |
|
| 6 |
I'm attempting to determine if the recent CVS security advisory should be |
| 7 |
rated as 'high' or 'critical'. The bug involves a global pointer-to-heap |
| 8 |
that may be forced to free twice. The issue is whether or not Linux is |
| 9 |
fundamentally vulnerable to double-free bugs (which, for example, on BSD |
| 10 |
might permit execution of arbitrary code). |
| 11 |
|
| 12 |
The advisory doesn't seem to indicate whether Linux is subject to the same |
| 13 |
vulnerabilty to a double-free problem. |
| 14 |
|
| 15 |
Anyone know offhand? |
| 16 |
- -- |
| 17 |
AJ Armstrong |
| 18 |
aja@×××××××××××××.com |
| 19 |
|
| 20 |
Memes are a hoax. Pass it on. |
| 21 |
-----BEGIN PGP SIGNATURE----- |
| 22 |
Version: GnuPG v1.2.1 (GNU/Linux) |
| 23 |
|
| 24 |
iD8DBQE+MbZzSgEAcQ45BAYRAmUNAJ0X7zSKYUg90SWe5iQ5eVT7YZiUoQCeMSw5 |
| 25 |
e2OfuC6y306qQ2lmoC0/9PU= |
| 26 |
=4fhl |
| 27 |
-----END PGP SIGNATURE----- |
| 28 |
|
| 29 |
|
| 30 |
-- |
| 31 |
gentoo-dev@g.o mailing list |
Archives