Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 02 Jul 2013 14:50:06 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Marcus Meissner <meissner@...e.de>
Subject: Re: CVE Request: information leak in AF_KEY notify
 messages

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/01/2013 09:10 AM, Marcus Meissner wrote:
> Hi,
> 
> found in the mainline kernel git:
> 
> commit a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887 Author: Mathias
> Krause <minipli@...glemail.com> Date:   Wed Jun 26 23:52:30 2013
> +0200
> 
> af_key: fix info leaks in notify messages
> 
> key_notify_sa_flush() and key_notify_policy_flush() miss to
> initialize the sadb_msg_reserved member of the broadcasted message
> and thereby leak 2 bytes of heap memory to listeners. Fix that.
> 
> Signed-off-by: Mathias Krause <minipli@...glemail.com> Cc: Steffen
> Klassert <steffen.klassert@...unet.com> Cc: "David S. Miller"
> <davem@...emloft.net> Cc: Herbert Xu <herbert@...dor.apana.org.au> 
> Signed-off-by: David S. Miller <davem@...emloft.net>
> 
> Ciao, Marcus
> 

FYI please include link to commit, makes life quicker.

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887

Please use CVE-2013-2234 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJR0zz9AAoJEBYNRVNeJnmTbqkP/ReXQ9G1f/HdFkK6seMmC1Ie
B6Bam0x4DjbDMYXcZIqbxh4ld5XsEvJEAwF4Yc63v2GpXAJDQoi3ZtgLBeds6ImE
SDYBPGiFw5puNINeOzn4ORSvdZyJLnvbzlRhRuioAfdW3KNNY2kv1N39+XEBke7t
+rqdAPs9cLt2W6Wrqk8o07LKFaWlUPOnQ87hNvilfvx6EKQp+WQlHSLpEscj9JDM
7g/S+sLaMkvi8DigdXV6YBav+wbcQlaEhu78Txwnp1W7YvsEd/tAkZZn06n1lRQF
DDJ9txCw2QUWL2bHbKNbmIlepLpHQy54mFfSpm/7Sdh0KZtHjlfPMGnp42t1Cqwa
M0F8RoYkVHT0iWQk0YWhtJxpyXF5THgyEP3YfGOu8LyiPauyviJNXhIO6ulw+J8+
VonWrbYSevDlESpmWzLu24n+HiUzHt1SOVp76upTOID6XIR2wEHwivX3QVQhe3FU
FxQX01UY4Uy1n7A4ZYS+oB59YWe1AMSLrIS+A7fSbRdaqtnFrZLSDoMx8iU2WbmT
ZGrP80fXA15GjrsmMYkyxwMRE4HwAirVpreYAvKZDszqJJMivpdzUoNp55R0hVnV
IzDj5t+U5mxL0QUvlS5ZDDiC4NJnMlA9M1iHIXPq4pG7/x4LasW2aiC1PeA4rRkj
3jYnaYd9zqi+CpY3LHb8
=hnaQ
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ