Date: Tue, 24 Sep 2019 18:28:40 +0800 From: butt3rflyh4ck <butterflyhuangxx@...il.com> To: oss-security@...ts.openwall.com Subject: CVE-2019-16714: info leak in RDS rds6_inc_info_copy Hi, there is a info leak vulnerability in rds modules in linux kernel. CVE-2019-16714 ================ description: In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. Fixed in https://github.com/torvalds/linux/commit/7d0a06586b2686ba80c4a2da5f91cb10ffbea736 ================ credit by : the ADLab of venustech.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.