svn commit: r298664 - head/sys/fs/msdosfs
Conrad Meyer
cem at FreeBSD.org
Tue Apr 26 21:09:27 UTC 2016
On Tue, Apr 26, 2016 at 2:01 PM, Shawn Webb <shawn.webb at hardenedbsd.org> wrote:
> On Tue, Apr 26, 2016 at 08:36:32PM +0000, Kristof Provost wrote:
>> Author: kp
>> Date: Tue Apr 26 20:36:32 2016
>> New Revision: 298664
>> URL: https://svnweb.freebsd.org/changeset/base/298664
>>
>> Log:
>> msdosfs: Prevent buffer overflow when expanding win95 names
>>
>> ...
>
> Will this be MFC'd? Since it's triggerable as non-root, should this have
> a CVE? Though the commit log shows technical comments, it doesn't show
> related security information.
Is it triggerable as non-root? Don't you need to write a malicious
filesystem image and persuade FreeBSD to mount it?
Best,
Conrad
More information about the svn-src-head
mailing list