Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Wed, 14 Oct 2009 14:25:39 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>, Willy Tarreau <w@....eu>
Subject: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7

Eugene Teo wrote:
> [...]
>>   CVE-2005-4881 - tc_fill_qdisc()  (at least)
> 
> This requires http://patchwork.ozlabs.org/patch/35412/ too. There was a 
> typo in the upstream commit 9ef1d4c7.

I'm not sure but perhaps this needs a new CVE name. This infoleak bug 
was introduced in 2005, but was discovered and fixed recently.

Eugene
-- 
Eugene Teo / Red Hat Security Response Team

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ