OpenBSD Validation Error in copy(9) Has Unspecified Impact
|
|
SecurityTracker Alert ID: 1013333 |
|
SecurityTracker URL: http://securitytracker.com/id/1013333
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Updated: Mar 17 2005
|
Original Entry Date: Mar 1 2005
|
Impact:
Not specified
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.5, 3.6
|
Description:
A vulnerability was reported in the OpenBSD kernel in the copy function. The impact was not specified.
The copy(9) function does not properly perform certain checking functions to prevent misuse.
The vulnerability resides in 'sys/arch/i386/i386/locore.s'.
|
Impact:
The impact was not specified.
|
Solution:
The vendor has issued the following patches:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/i386/028_locore.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.6/i386/011_locore.patch
|
Vendor URL: www.openbsd.org/ (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Tue, 1 Mar 2005 02:31:51 -0500
Subject: [none]
|
> SECURITY FIX: February 28, 2005
> More stringent checking should be done in the copy(9) functions to prevent their
> misuse.
> A source code patch exists which remedies this problem.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/i386/028_locore.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.6/i386/011_locore.patch
|
|
