Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Linux kernel security hardening Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Mon, 07 Sep 2009 11:32:29 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: Willy Tarreau <w@....eu>, "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: tc: uninitialised kernel
 memory leak

Solar Designer wrote:
> On Thu, Sep 03, 2009 at 11:45:03AM +0800, Eugene Teo wrote:
>> Three bytes of uninitialised kernel memory are currently leaked to user.
>>
>> http://patchwork.ozlabs.org/patch/32830/
>> https://bugzilla.redhat.com/show_bug.cgi?id=520990
> 
> 2.4 kernels appear to be affected as well, and moreover they appear to
> require at least some of these older fixes as well:
> 
> http://marc.info/?l=git-commits-head&m=112002138324380

This is commit 9ef1d4c7c7aca1cd436612b6ca785b726ffb8ed8.

And linux-2.4.37.y needs the following two patches too:

[NETLINK]: Clear padding in netlink messages
b3563c4fbff906991a1b4ef4609f99cca2a0de6a

[NETLINK]: Missing padding fields in dumped structures
8a47077a0b5aa2649751c46e7a27884e6686ccbf

Thanks, Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ