oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc

From: Salva Peiró <speirofr () gmail com>
Date: Wed, 21 Oct 2015 12:07:25 +0200
Hello,

Are there CVEs for these? If not, could these be assigned, please?

   
http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c
    media/vivid-osd: fix info leak in ioctl

        [media] media/vivid-osd: fix info leak in ioctl
        The vivid_fb_ioctl() code fails to initialize the 16 _reserved
bytes of
        struct fb_vblank after the ->hcount member. Add an explicit
        memset(0) before filling the structure to avoid the info leak.

   
http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05
    staging/dgnc: fix info leak in ioctl

        The dgnc_mgmt_ioctl() code fails to initialize the 16 _reserved
bytes of
        struct digi_dinfo after the ->dinfo_nboards member. Add an explicit
        memset(0) before filling the structure to avoid the info leak.

--
Salva Peiró @ https://speirofr.appspot.com
CS Researcher & Software Engineer
Universitat Politècnica de València, Spain.
Previous By Date Next
Previous By Thread Next

Current thread: