Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 28 Nov 2013 23:56:26 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
Subject: Re: CVE Request: Linux kernel: net: uninitialised
 memory leakage

   Hello Hannes,

+-- On Thu, 28 Nov 2013, Hannes Frederic Sowa wrote --+
| This patch does break stuff, a follow-up is needed which did not get to 
| Linus yet, but is already queued up for stable. Otherwise traceroute is 
| broken:
| 
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=85fbaa75037d0b6b786ff18658ddf0b4014ce2a4

  I see. Thanks so much for the heads-up and link to the follow-up patch.

 
| I found other leaks in non-inet protocols:
| 
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
| 
| The protocols where I did remove msg_namelen = 0 where actually
| safe. Some of the protocols I did not touch could leak up to 128 bytes
| of uninitialized data from the stack.
| 
| Hardening against out-of-bounds writes:
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=68c6beb373955da0886d8f4f5995b3922ceda4be
| 
| Also there is a small 2-bytes memory leak in extended error reporting:
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=68c6beb373955da0886d8f4f5995b3922ceda4be

  Thank you for sharing these too!


Thank you! :)
--
Prasad J Pandit / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.