Date: Wed, 11 Dec 2013 11:16:29 +0530 (IST) From: P J P <ppandit@...hat.com> To: oss security list <oss-security@...ts.openwall.com> Subject: Re: CVE request: Linux kernel: net: info leak in recvmsg handler msg_name & msg_namelen logic +-- On Tue, 10 Dec 2013, Marcus Meissner wrote --+ | CVE-2013-6405 covers parts of that already I think and could be extended? True, that one fixes the individual recvmsg handlers, whereas 'f3d3342602' is one step before that. Small correction: this is an information leak, not memory leak. Content of Kernel memory bytes was inadvertently passed to user space. Thank you. -- Prasad J Pandit / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ