oss-sec mailing list archives
Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
From: Josh Bressers <bressers () redhat com>
Date: Wed, 14 Oct 2009 22:30:57 -0400 (EDT)
----- "Eugene Teo" <eugene () redhat com> wrote:
Eugene Teo wrote:[...]CVE-2005-4881 - tc_fill_qdisc() (at least)This requires http://patchwork.ozlabs.org/patch/35412/ too. Therewas atypo in the upstream commit 9ef1d4c7.I'm not sure but perhaps this needs a new CVE name. This infoleak bug was introduced in 2005, but was discovered and fixed recently.
I'm naming this as such:
CVE-2009-3612 incomplete fix for CVE-2005-4881
So please use CVE-2009-3612.
Sorry for the delay.
--
JB
Current thread:
- Re: CVE request: kernel: tc: uninitialised kernel memory leak Eugene Teo (Oct 13)
- CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Eugene Teo (Oct 13)
- Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Josh Bressers (Oct 14)
- Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Eugene Teo (Oct 14)
- Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Willy Tarreau (Oct 14)
- CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 Eugene Teo (Oct 13)