Vigil@nce - OpenBSD 5.3: two vulnerabilities of vio driver
June 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of vio driver of
OpenBSD 5.3.
Impacted products: OpenBSD
Severity: 2/4
Creation date: 12/06/2013
DESCRIPTION OF THE VULNERABILITY
Two vulnerabilities were announced in the vio driver of the
OpenBSD 5.3 kernel.
The routine vio_alloc_mem() in the file sys/dev/pci/if_vio.c
allocates a too small table, compared with the number of allowed
entries. [severity:2/4]
A memory area used to store packets is not freed at suitable time.
[severity:2/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/OpenBSD-5-3-two-vulnerabilities-of-vio-driver-12972