oss-sec mailing list archives

Re: Re: Linux kernel: more net info leak fixes for v3.9

From: P J P <ppandit () redhat com>
Date: Tue, 23 Apr 2013 18:22:25 +0530 (IST)

+-- On Tue, 23 Apr 2013, Mathias Krause wrote --+
| net/socket.c, I guess. The copy_from_user is followed by verify_iovec() that 
| sets msg_name to "addr" -- a kernel stack variable.

  Ah yep, right!
 
| Please ask your colleagues at RedHat for any further explanations of
| the code. AFAIK, oss-sec is no kernel hacker newbie forum ;)

   Yep, okay. Sorry to bother you.

Thanks so much.
--
Prasad J Pandit / Red Hat Security Response Team
DB7A 84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B

Current thread:

Re: Re: Linux kernel: more net info leak fixes for v3.9, (continued)
- - - Re: Re: Linux kernel: more net info leak fixes for v3.9 Mathias Krause (Apr 22)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 P J P (Apr 22)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 Mathias Krause (Apr 22)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 P J P (Apr 23)
  - Re: Re: Linux kernel: more net info leak fixes for v3.9 Greg KH (Apr 22)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 cve-assign (Apr 22)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 Greg KH (Apr 22)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 Petr Matousek (Apr 23)
  - Re: Re: Linux kernel: more net info leak fixes for v3.9 P J P (Apr 23)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 Mathias Krause (Apr 23)
    - Re: Re: Linux kernel: more net info leak fixes for v3.9 P J P (Apr 23)