oss-sec mailing list archives
Re: CVE request: kernel: kvm kernel stack leakage
From: Josh Bressers <bressers () redhat com>
Date: Fri, 5 Nov 2010 16:00:50 -0400 (EDT)
Please use CVE-2010-3881 Thanks. -- JB ----- "Petr Matousek" <pmatouse () redhat com> wrote:
"Structures kvm_vcpu_events, kvm_debugregs, kvm_pit_state2 and kvm_clock_data are copied to userland with some padding and reserved fields unitialized. It leads to leaking of contents of kernel stack memory." Upstream commit: http://git.kernel.org/?p=virt/kvm/kvm.git;a=commit;h=831d9d02f9522e739825a51a11e3bc5aa531a905 Credit: Vasiliy Kulikov Reference: http://www.spinics.net/lists/kvm/msg44130.html https://bugzilla.redhat.com/show_bug.cgi?id=649920 Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE request: kernel: kvm kernel stack leakage Petr Matousek (Nov 04)
- Re: CVE request: kernel: kvm kernel stack leakage Josh Bressers (Nov 05)