Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 11 Dec 2013 11:16:29 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
Subject: Re: CVE request: Linux kernel: net: info leak in
 recvmsg handler msg_name & msg_namelen logic

+-- On Tue, 10 Dec 2013, Marcus Meissner wrote --+
| CVE-2013-6405 covers parts of that already I think and could be extended?

  True, that one fixes the individual recvmsg handlers, whereas 'f3d3342602' 
is one step before that.

Small correction:

  this is an information leak, not memory leak. Content of Kernel memory bytes 
was inadvertently passed to user space.

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.