Date: Mon, 8 Apr 2013 18:30:02 +0530 (IST) From: P J P <ppandit@...hat.com> To: OSS Security List <oss-security@...ts.openwall.com> Subject: Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Hi, +-- On Fri, 5 Apr 2013, Marcus Meissner wrote --+ | Should also get a CVE. | https://github.com/torvalds/linux/commit/12176503366885edd542389eed3aaf94be163fdb Comments around get_user() macro say that in case of an error, destination variable @x is set to zero. -> https://github.com/torvalds/linux/blob/master/arch/x86/include/asm/uaccess.h#L134 Just to confirm, is it the same macro that is called from fs/compat_ioctl.c ? Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.