[Bug 266136] ctl_ioctl() passes user-supplied size directly to kernel malloc() -> potential crash

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 266136] ctl_ioctl() passes user-supplied size directly to kernel malloc() -> potential crash"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 07 Sep 2022 01:07:33 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266136

--- Comment #2 from Ed Maste <emaste@freebsd.org> ---
(In reply to Alexander Motin from comment #1)

Thanks

Please make a note in the commit message about the device being available only
to root (and hence not requiring an advisory).

-- 
You are receiving this mail because:
You are the assignee for the bug.