Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 25 Sep 2019 18:53:14 +0800
From: butt3rflyh4ck <>
Subject: CVE-2019-16714: Linux kernel net/rds: info leak
 vulnerability in rds6_inc_info_copy

Hi, there is a info leak vulnerability in rds modules in linux kernel.


In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c
allows attackers to obtain sensitive information from kernel stack memory
because tos and flags fields are not initialized.

some more details in

Fixed in

Credit :

This issue was discovered by the ADLab of venustech.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.