oss-sec mailing list archives
CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug
From: "Eugene Teo" <eugeneteo () kernel sg>
Date: Wed, 10 Dec 2008 15:39:23 +0800
Steve, here's another one that needs a CVE name. Thanks! http://bugzilla.kernel.org/show_bug.cgi?id=11399 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7c2500f --- [WATCHDOG] ib700wdt.c - fix buffer_underflow bug This fixes Bug 11399: if ibwdt_set_heartbeat(int t) is called with value 30 then the check "if ((t < 0) || (t > 30))" in ibwdt_set_heartbeat is not going to fail because t == 30, but in the loop, the check wd_times[i] > t is never going to be true because none of the wd_times are greater than the value of t (i.e. 30). So we are exiting the loop with i == -1 and therefore setting wd_margin to -1 which is wrong. Reported-by: Zvonimir Rakamaric <zrakamar () cs ubc ca> Signed-off-by: Wim Van Sebroeck <wim () iguana be>
Current thread:
- CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 09)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Steven M. Christey (Dec 16)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 16)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Marcus Meissner (Dec 17)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 21)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Steven M. Christey (Dec 24)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Eugene Teo (Dec 16)
- Re: CVE request: kernel: watchdog: ib700wdt.c - buffer_underflow bug Steven M. Christey (Dec 16)