CVS: cvs.openbsd.org: src

Theo Buehler Wed, 12 Jul 2023 12:35:15 -0700

CVSROOT:        /cvs
Module name:    src
Changes by:     t...@cvs.openbsd.org    2023/07/12 13:35:04


Modified files:
        sys/kern       : Tag: OPENBSD_7_2 exec_elf.c 

Log message:
address incomplete validation of ELF program headers in execve(2) which could 
lead
to a panic in vmcmd_map_readvn() with a malformed binary/interpreter.

original crash found with Melkor, additional validation provided by
guenther@.

ok kettenis@ guenther@ deraadt@
from jasper

this is errata/7.2/030_elf.patch.sig

CVS: cvs.openbsd.org: src

Reply via email to