Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Jun 2013 10:19:22 +0200
From: Jonathan Salwan <jonathan.salwan@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Linux Kernel - Leak information in cdrom driver.

Hi,

When we read a block from the disk it normally fills a buffer but if
the drive is malfunctioning there is a chance that it would only be
partially filled. The result is an leak information to userspace.

Patch applied and committed in the next-line :

http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/drivers/cdrom/cdrom.c?id=050e4b8fb7cdd7096c987a9cd556029c622c7fe2


Could you allocate a CVE id for this?

Thanks,

-- Jonathan

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.