oss-sec mailing list archives
CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure
From: Dan Rosenberg <dan.j.rosenberg () gmail com>
Date: Wed, 15 Jun 2011 20:19:03 -0400
NetBSD has committed a fix for an issue in the 802.11 stack [1]. FreeBSD is also affected and should release a fix shortly. Due to a signedness error in the IEEE80211_IOC_CHANINFO ioctl, a local unprivileged user could cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. The issue only affects certain non-x86 architectures, such as SPARC. -Dan [1] http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/net80211/ieee80211_ioctl.c?rev=1.56&content-type=text/x-cvsweb-markup&only_with_tag=MAIN
Current thread:
- CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Dan Rosenberg (Jun 15)
- Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Dan Rosenberg (Jun 20)
- Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Josh Bressers (Jun 20)
- Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Dan Rosenberg (Jun 20)
- Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Josh Bressers (Jun 20)
- Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Dan Rosenberg (Jun 20)