Bug#631161: kfreebsd-8: cve-2011-2480 info disclosure
Robert Millan wrote:
> 2011/6/20 Michael Gilbert <michael.s.gilbert@gmail.com>:
> > http://openwall.com/lists/oss-security/2011/06/16/1
>
> "The issue only affects certain non-x86 architectures,
> such as SPARC."
looking at the commit itself [0], i find Dan's conclusion rather
surprising. the affected code is in the 802.11 stack, so it seems like
it should be platform-independent. i doubt x86 is any better at
handling signedness issues, but i suppose i could be missing something.
best wishes,
mike
[0] http://svnweb.freebsd.org/base?view=revision&revision=223145
Reply to: