oss-sec mailing list archives
Re: Re: CVE Request: kernel information leak vulnerability in Linux sound module
From: Steve Beattie <steve.beattie () canonical com>
Date: Tue, 10 May 2016 12:14:35 -0700
On Mon, May 09, 2016 at 07:29:09PM -0400, cve-assign () mitre org wrote:
http://comments.gmane.org/gmane.linux.kernel/2214250 The stack object "tread" has a total size of 32 bytes. Its field "event" and "val" both contain 4 bytes padding. These 8 bytes padding bytes are sent to user without being initialized.Use CVE-2016-4569. This is not yet available at http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/sound/core/timer.c but may be there later.
It's staged at: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e Looks like there were two more related kernel leak fixes: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6 https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=e4ec8cc8039a7063e24204299b462bd1383184a5 Thanks. -- Steve Beattie <sbeattie () ubuntu com> http://NxNW.org/~steve/
Attachment:
signature.asc
Description:
Current thread:
- CVE Request: kernel information leak vulnerability in Linux sound module Kangjie Lu (May 08)
- Re: CVE Request: kernel information leak vulnerability in Linux sound module cve-assign (May 09)
- Re: Re: CVE Request: kernel information leak vulnerability in Linux sound module Steve Beattie (May 10)
- Re: CVE Request: kernel information leak vulnerability in Linux sound module cve-assign (May 09)