Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: David Gwynne (dlgcvs.openbsd.org)
Date: Mon Jun 21 2010 - 08:28:09 CDT
Module name: src
Changes by: dlgcvs.openbsd.org 2010/06/21 07:28:09
sys/dev : vscsi.c
fix an integer arithmetic overflow.
An attacker can get past the ENOMEM check in vscsi_data() by first
reading/writing 1 byte and then reading/writing 0xffffffff bytes.
found and fixed by matthew dempsky