Date: Mon, 25 Nov 2013 12:12:16 +0000 From: Jonathan Salwan <jonathan.salwan@...il.com> To: oss-security@...ts.openwall.com Subject: CVE request: Kernel MSM - Memory leak in drivers/base/genlock.c Hello, The Genlock driver does not properly initialize all members of a structure before copying it to user space. This allows a local attacker to obtain potentially sensitive information from kernel stack memory via ioctl system calls. Upstream fixes: https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625&h=jb_3.2.3 Could you please assign a CVE id for this issue? Thanks, - Jonathan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.