oss-sec mailing list archives

Re: CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper


From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 28 Jan 2014 13:48:10 -0700

On 01/28/2014 06:30 AM, P J P wrote:
Hello,

Linux kernel built with the NetFilter Connection
Tracking (NF_CONNTRACK) support for IRC protocol (NF_NAT_IRC), is
vulnerable to an information leakage flaw. It could occur when
communicating over direct client-to-client IRC connection (/dcc) via
a NAT-ed network. Kernel attempts to mangle IRC TCP packet's
content, wherein an uninitialised 'buffer' object is copied to a
socket buffer and sent over to the other end of a connection.

Upstream fix:
-------------
  -> https://git.kernel.org/linus/2690d97ade05c5325cbf7c72b94b90d265659886

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1058748

Thank you
--
Prasad J Pandit / Red Hat Security Response Team

Please use CVE-2014-0025 for this issue.

--
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993