oss-sec mailing list archives
OpenVZ security repport - Multiple memory leaks (CVE-2013-2239)
From: Jonathan Salwan <jonathan.salwan () gmail com>
Date: Thu, 4 Jul 2013 19:12:18 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2239 - Multiple memory leaks in OpenVZ kernel 2.6.32 (042stab080.1) Description =========== Two memory leaks was discovered in the versions before vzkernel patch 042stab080.2. One memory leak in ploop: The ploop_getdevice_ioc function in drivers/block/ploop/dev.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory. One memory leak in quota: The compat_quotactl function in fs/quota/quota.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory. Fixed in the 042stab080.2 - [security/ploop] memory info leak fixed (PSBM-20690) - [security/quota] memory info leak fixed (PSBM-20690) Classification ============== Location : Local Access Required Attack Type : Information Disclosure, Input Manipulation Version : vzkernel 2.6.32 (Patch 042stab080.1) Impact : Loss of Confidentiality Solution : Patch / RCS Disclosure : Vendor Verified References ========== CVE ID : CVE-2013-2239 Changelog : http://wiki.openvz.org/Download/kernel/rhel6-testing/042stab080.2 Credit : Jonathan Salwan (Sysdream Security Lab) Timeline ======== 2013-06-16 : Bugs found 2013-06-19 : Bugs reported 2013-06-28 : Bugs fixed 2013-06-29 : CVE request 2013-07-04 : CVE assigned Thanks, - -- Jonathan -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) iQEcBAEBAgAGBQJR1az4AAoJEH9bXKkQj2JzLYIIAKQ7O9mggrngzbiF2sPl4QQt HH2li83jltUPRJGa9lAeaMFmOrh4VHW4DZOlKpN5Q/iYRzThCr8t6H/gnn2HeHXA GBLurAFv2zdKswa87Dzr9B0ySy3O7iuQjzjYQwTnQm+ZWNsKbEyrQVR1uG/5qjH8 UqkhHOqN5jJqFUlfhrLNOPN2O4JYPf9ZyvBklHkKHySmSYhER08Hyy382+Htu3u/ D4uiIhhsORBldAss5t8bcxzUoZDi5qsIFWYux0y5Vo5n9RUw/xmvjTWAlfEKxGEa uwEXHWDXGVzf41X6B8neBpqfsBF4pFC8LPBciKT/cchR1gNjtiIklaFFgZwlI28= =672Y -----END PGP SIGNATURE-----
Current thread:
- OpenVZ security repport - Multiple memory leaks (CVE-2013-2239) Jonathan Salwan (Jul 04)