Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed,  4 May 2016 21:52:56 -0400 (EDT)
From: cve-assign@...re.org
To: kangjielu@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, csong84@...ech.edu, taesoo@...ech.edu, insu@...ech.edu
Subject: Re: CVE Request: kernel information leak vulnerability in rtnetlink

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6
> 
> The stack object "map" has a total size of 32 bytes. Its last 4 bytes
> are padding generated by compiler. These padding bytes are not
> initialized and sent out via "nla_put".

Use CVE-2016-4486.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXKqYNAAoJEHb/MwWLVhi2EdUP/RIO/SA8d2WsiaJyLwJLoQSV
77k+i/mgXGKQUuVG9KApheKLDuM4QRpfpyWB79EoxIiFxy5zT5KRXguulB+vN76q
nrgzhqiZgc8TvgAdEQr3i86puQ4VA36uJOUacFC3eStAuw45SKQ5ChZHV0Nfdqsy
AEu49fX6w4Q5dS+1Yio56VxwHMiIzlYCP4gkxlH06FGEKWl/mOcMVmMCzqNEPsZF
8fP5BLHVNoPPkltC+DBxK3cs9ZBG8zWhB1luUeE5S94o6Z6lhfG07Nz9F2LOf3C+
90F8opyziBmEcijmoryHXZpWwnD9cyNQ0RDSkIrCyGg09wi877bPCJGs2sExjlWB
CcPusVTzJDtaOgplalD3jAEEcY20PWXyymQyMUZXRqiIY1Ec0mhxz79LhJVE7JZZ
oSC9ZHJ8yGWTPuM6eyb2UPFk8D1ziBni5LuPvv/qPvuYRnovxm2+UwQ4Iwy7/8QK
bxqbvdIG/QTk/B2iHGT5BVWuW+FptwB8GIyj67cOj/inlfqGEfMGcSSeQGpUOazJ
Yum4tZId8rXJvYbvamqSCBP/TI98qCUY/vcC7O0YokHwckuedADwvv3f9O0eEgo6
JHiQwOfmfvqT+NHqAfcD30Rp5iYR9E+5T2V4pVYOrhsvEYMaAMVwD55zjq6JUs9l
YaJM/r2HLeVmGieWsc8Z
=iyrM
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ