Date: Wed, 24 Aug 2016 15:24:00 +0300 From: Michael Zhilin <mizhka@gmail.com> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: "Landon J. Fuller" <landonf@freebsd.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r304692 - head/sys/dev/bhnd/bhndb Message-ID: <CAF19XBJ6--Ep3zFrrq8YsEEOqUQQSmEtdFMrW9C%2BQhqPVj9b-Q@mail.gmail.com> In-Reply-To: <20160824120957.GA74786@mutt-hardenedbsd> References: <201608231903.u7NJ3Bjc019151@repo.freebsd.org> <20160824120957.GA74786@mutt-hardenedbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I doubt. bhndb is new bus driver (WIP) and nobody use it now. In future it will be used for BroadCom WiFi card (bwn) attached to PCI bus. Best regards, Michael On Wed, Aug 24, 2016 at 3:09 PM, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > On Tue, Aug 23, 2016 at 07:03:11PM +0000, Landon J. Fuller wrote: > > Author: landonf > > Date: Tue Aug 23 19:03:11 2016 > > New Revision: 304692 > > URL: https://svnweb.freebsd.org/changeset/base/304692 > > > > Log: > > bhndb(4): Fix unsigned integer underflow in dynamic register window > > handling. This resulted in the window target being left uninitialized > > when an underflow occured. > > Is this remotely exploitable? What are the ramifications of this bug? > > Thanks, > > -- > Shawn Webb > Cofounder and Security Engineer > HardenedBSD > > GPG Key ID: 0x6A84658F52456EEE > GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF19XBJ6--Ep3zFrrq8YsEEOqUQQSmEtdFMrW9C%2BQhqPVj9b-Q>