Date: Tue, 26 Apr 2016 14:09:19 -0700 From: Conrad Meyer <cem@FreeBSD.org> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: Kristof Provost <kp@freebsd.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r298664 - head/sys/fs/msdosfs Message-ID: <CAG6CVpUxSrBZJ9GkpBrHCK12c%2BeWmP%2BnuQaoiKcN%2B%2BkTuvm2dA@mail.gmail.com> In-Reply-To: <20160426210138.GA13055@mutt-hardenedbsd> References: <201604262036.u3QKaWto038435@repo.freebsd.org> <20160426210138.GA13055@mutt-hardenedbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 26, 2016 at 2:01 PM, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > On Tue, Apr 26, 2016 at 08:36:32PM +0000, Kristof Provost wrote: >> Author: kp >> Date: Tue Apr 26 20:36:32 2016 >> New Revision: 298664 >> URL: https://svnweb.freebsd.org/changeset/base/298664 >> >> Log: >> msdosfs: Prevent buffer overflow when expanding win95 names >> >> ... > > Will this be MFC'd? Since it's triggerable as non-root, should this have > a CVE? Though the commit log shows technical comments, it doesn't show > related security information. Is it triggerable as non-root? Don't you need to write a malicious filesystem image and persuade FreeBSD to mount it? Best, Conrad
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG6CVpUxSrBZJ9GkpBrHCK12c%2BeWmP%2BnuQaoiKcN%2B%2BkTuvm2dA>