Date: Fri, 3 Jun 2016 15:30:02 +0200 From: Kangjie Lu <kangjielu@...il.com> To: oss-security@...ts.openwall.com Cc: Taesoo Kim <taesoo@...ech.edu>, Chengyu Song <csong84@...ech.edu> Subject: CVE Request: rds: fix an infoleak in rds_inc_info_copy Hello, There was an infoleak vulnerability in function rds_inc_info_copy of file net/rds/recv.c. The last field "flags" of object "minfo" is not initialized. Copying this object out may leak kernel stack data. Assign 0 to it to avoid leak. Fix info: https://patchwork.ozlabs.org/patch/629110/ Please help assign a CVE to this vulnerability. Thanks, Kangjie Lu
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.