Date: Fri, 20 Feb 2009 14:15:36 +0800 From: Eugene Teo <eugeneteo@...nel.sg> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt According to the upstream commit df0bca049d01c0ee94afb7cd5dfd959541e6c8da "net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2" in linux-2.6's git, there is a missing initialisation of optval v.val that can be directly returned to userspace when getsockopt() is called with SO_BSDCOMPAT optname set. http://patchwork.kernel.org/patch/6816/ https://bugzilla.redhat.com/show_bug.cgi?id=486305 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.