Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 3 Jun 2016 15:30:02 +0200
From: Kangjie Lu <>
Cc: Taesoo Kim <>, Chengyu Song <>
Subject: CVE Request: rds: fix an infoleak in rds_inc_info_copy


There was an infoleak vulnerability in function
rds_inc_info_copy of file net/rds/recv.c.
The last field "flags" of object "minfo" is not initialized.
Copying this object out may leak kernel stack data.
Assign 0 to it to avoid leak.

Fix info:

Please help assign a CVE to this vulnerability.

Kangjie Lu

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.