Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 31 Jul 2017 17:24:10 +0200
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Cc: sohu0106 <sohu0106@....com>
Subject: Re: Linux kernel: net/irda/af_irda.c: irda_getsockopt() stack infoleak

On Mon, Jul 31, 2017 at 04:03:57PM +0100, John Haxby wrote:
> On 30/07/17 05:47, sohu0106 wrote:
> > net/irda/af_irda.c
> > 
> > Sometimes irda_getsockopt() doesn't initialize all members of list field of irda_device_list struct.  This structure is then copied to
> > userland.  It leads to leaking of contents of kernel stack memory.  We have to initialize them to zero , or it will allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure
> > 
> > https://github.com/torvalds/linux/pull/440
> 
> Have you requested a CVE for this?

Both messages sohu0106 posted initially had the Subject of "CVE request:
kernel stack infoleaks", which I changed to the two more specific
Subjects before approving the messages.  (I do that to especially
non-descriptive Subjects from time to time, as long as the messages were
not CC'ed to elsewhere.  I leave message bodies entirely intact.)

Thus, sohu0106 wanted to request the CVEs from this list, and apparently
didn't request them elsewhere.  sohu0106, this list is no longer a place
to request CVEs from, but we appreciate the vulnerability notifications.
You may request the CVEs from https://cveform.mitre.org and then post
them in here, "replying" to your own messages on the list.

sohu0106, have you also reported these issues upstream?  For the
net/irda/af_irda.c issue, from the MAINTAINERS file:

IRDA SUBSYSTEM
M:      Samuel Ortiz <samuel@...tiz.org>
L:      irda-users@...ts.sourceforge.net (subscribers-only)
L:      netdev@...r.kernel.org
W:      http://irda.sourceforge.net/
S:      Maintained
T:      git git://git.kernel.org/pub/scm/linux/kernel/git/sameo/irda-2.6.git
F:      Documentation/networking/irda.txt
F:      drivers/net/irda/
F:      include/net/irda/
F:      net/irda/

For the driver/video/fbdev/aty/atyfb_base.c issue I guess it's
linux-fbdev@...r.kernel.org, although there's no perfect match for that
filename.  In both cases, CC the messages to LKML.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ