Date: Tue, 19 Mar 2013 22:15:30 +0100 From: Mathias Krause <minipli@...glemail.com> To: oss-security@...ts.openwall.com Subject: Linux kernel: net - three info leaks in rtnl I fixed a few more info leaks in linux v3.9-rc3. Unprivileged users can use the netlink interface to exploit the following issues to disclose kernel stack memory: 29cd8ae dcbnl: fix various netlink info leaks http://git.kernel.org/linus/29cd8ae0e1a39e239a3a7b67da1986add1199fc0 84d73cd rtnl: fix info leak on RTM_GETLINK request for VF devices http://git.kernel.org/linus/84d73cd3fb142bf1298a8c13fd4ca50fd2432372 c085c49 bridge: fix mdb info leaks http://git.kernel.org/linus/c085c49920b2f900ba716b4ca1c1a55ece9872cc David Miller did backports for the above issues which are currently under review and should end up in the next stable and longterm kernels. Regards, Mathias
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ