Re: [PATCH] swapfile: fix memory corruption via malformed swapfile

2016-11-04 Thread Johannes Weiner
On Mon, Oct 31, 2016 at 10:32:13PM +0100, Jann Horn wrote:
> When root activates a swap partition whose header has the wrong endianness,
> nr_badpages elements of badpages are swabbed before nr_badpages has been
> checked, leading to a buffer overrun of up to 8GB.
>
> This normally is not a

Re: [PATCH] swapfile: fix memory corruption via malformed swapfile

2016-11-01 Thread Jerome Marchand
On 10/31/2016 10:32 PM, Jann Horn wrote:
> When root activates a swap partition whose header has the wrong endianness,
> nr_badpages elements of badpages are swabbed before nr_badpages has been
> checked, leading to a buffer overrun of up to 8GB.
>
> This normally is not a security issue because

Re: [PATCH] swapfile: fix memory corruption via malformed swapfile

2016-10-31 Thread Kees Cook
On Mon, Oct 31, 2016 at 2:32 PM, Jann Horn wrote:
> When root activates a swap partition whose header has the wrong endianness,
> nr_badpages elements of badpages are swabbed before nr_badpages has been
> checked, leading to a buffer overrun of up to 8GB.
>
> This normally is not a security issue

[PATCH] swapfile: fix memory corruption via malformed swapfile

2016-10-31 Thread Jann Horn
When root activates a swap partition whose header has the wrong endianness, nr_badpages elements of badpages are swabbed before nr_badpages has been checked, leading to a buffer overrun of up to 8GB. This normally is not a security issue because it can only be exploited by root (more
