Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 07 Sep 2009 11:32:29 +0800
From: Eugene Teo <>
CC: Willy Tarreau <>, "Steven M. Christey" <>
Subject: Re: CVE request: kernel: tc: uninitialised kernel
 memory leak

Solar Designer wrote:
> On Thu, Sep 03, 2009 at 11:45:03AM +0800, Eugene Teo wrote:
>> Three bytes of uninitialised kernel memory are currently leaked to user.
> 2.4 kernels appear to be affected as well, and moreover they appear to
> require at least some of these older fixes as well:

This is commit 9ef1d4c7c7aca1cd436612b6ca785b726ffb8ed8.

And linux-2.4.37.y needs the following two patches too:

[NETLINK]: Clear padding in netlink messages

[NETLINK]: Missing padding fields in dumped structures

Thanks, Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.