Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Jun 2013 10:19:22 +0200
From: Jonathan Salwan <jonathan.salwan@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Linux Kernel - Leak information in cdrom driver.

Hi,

When we read a block from the disk it normally fills a buffer but if
the drive is malfunctioning there is a chance that it would only be
partially filled. The result is an leak information to userspace.

Patch applied and committed in the next-line :

http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/drivers/cdrom/cdrom.c?id=050e4b8fb7cdd7096c987a9cd556029c622c7fe2


Could you allocate a CVE id for this?

Thanks,

-- Jonathan

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ