oss-sec mailing list archives
Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
From: Willy Tarreau <w () 1wt eu>
Date: Thu, 15 Oct 2009 07:11:06 +0200
On Thu, Oct 15, 2009 at 10:33:15AM +0800, Eugene Teo wrote:
Eugene Teo wrote:Eugene Teo wrote:[...]CVE-2005-4881 - tc_fill_qdisc() (at least)This requires http://patchwork.ozlabs.org/patch/35412/ too. There was a typo in the upstream commit 9ef1d4c7.I'm not sure but perhaps this needs a new CVE name. This infoleak bug was introduced in 2005, but was discovered and fixed recently.This is assigned with CVE-2009-3612 - incomplete fix for CVE-2005-4881.
and 2.4 has it too since the 2.6 patch applied cleanly. Thanks, Willy
Current thread:
- Re: CVE request: kernel: tc: uninitialised kernel memory leak Eugene Teo (Oct 13)
- CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Eugene Teo (Oct 13)
- Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Josh Bressers (Oct 14)
- Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Eugene Teo (Oct 14)
- Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Willy Tarreau (Oct 14)
- CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Eugene Teo (Oct 13)