Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 3 Jul 2013 11:02:13 +0200
From: Marcus Meissner <>
To: OSS Security List <>
Subject: CVE Request: Earlier AF_KEY in key_notify_policy_flush


Michal Hocko identified an earlier patch for an AF_KEY information leak,
in nearly the same place as CVE-2013-2234.

Due to different time of fix and different researcher probably
needs a new CVE.

Ciao, Marcus

commit 85dfb745ee40232876663ae206cba35f24ab2a40
Author: Nicolas Dichtel <>
Date:   Mon Feb 18 16:24:20 2013 +0100

    af_key: initialize satype in key_notify_policy_flush()
    This field was left uninitialized. Some user daemons perform check against this
    Signed-off-by: Nicolas Dichtel <>
    Signed-off-by: Steffen Klassert <>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ