oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak

From: Eugene Teo <eugene () redhat com>
Date: Wed, 05 Jan 2011 12:14:28 +0800
In addition to CVE-2010-3881, some versions of the Linux kernel forgot to initialize the kvm_vcpu_events.interrupt.pad field before being copied to userspace. I have assigned CVE-2010-4525 to this. I briefly checked, linux-2.6.33/34.y are affected, linux-2.6/.31/.32.y are not. 

https://bugzilla.redhat.com/CVE-2010-4525

Thanks, Eugene
Previous By Date Next
Previous By Thread Next

Current thread: