oss-sec mailing list archives
Re: CVE Request: Linux Kernel - Leak information in cdrom driver.
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 10 Jun 2013 14:39:16 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/06/2013 02:19 AM, Jonathan Salwan wrote:
Hi, When we read a block from the disk it normally fills a buffer but if the drive is malfunctioning there is a chance that it would only be partially filled. The result is an leak information to userspace. Patch applied and committed in the next-line : http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/drivers/cdrom/cdrom.c?id=050e4b8fb7cdd7096c987a9cd556029c622c7fe2 Could you allocate a CVE id for this? Thanks, -- Jonathan
Please use CVE-2013-2164 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRtjl0AAoJEBYNRVNeJnmT4jYP/j5kSrPLMXfLHBJbR785g2Fw ujkzjDE7i3X8VhQRHHkdCzxbFQR8dgyo56yHY0QDc6medL0oCH59lqYB8Wtn0T0E k2FalBNnjRz5Le0u2GCeokMQGBcb03wSnnQ5sBLWsJEWcZHm3RQWfR7QSdUKcPfs Q3fTb8hvqDikCEivmBbRbFUPP2wxJkLOoWeyrcpzrkCEsMLFUT3DAS7mKrAZui2G hvuVFtQvAHidLuURxf0MqbQVvPZKZPsAY63EWEz8k7fPfg8p3PrhfArZzRqMRkHH pXj3fglBbMTnmq4EV7ipHwL9PgCcN5xBm9xmp21KGSxb76RGpUDkF/n9kxDSEApH 7Gz7rAmJeoNkGHzwqF1pS2G4Z4KQ39TBU51CQdSydFJyA8PVg7FruqouJkSh5GyT LHliNqiS//hD+GLkRhrCwBaNUcN4NXrevcYSp7k5zoJwxgUiy3EVz03YS+aKZAqi +d3bOlHbikZL7naHcNw8ESDVjPDtydoGYBUqhZ7XW7IR+wgDwUIzVYx1GYIO8ddf h598y3ezPcvOhSVnMVp94TLvmRgONxoQHZLbD47voLhzxl+81DBtURTyHbuiqiTa GS1jAczPRXewapLi0H941jN/aivxCJKzxufgeBolvKfiF5bsdN/PGzS7CSI0e1Lj 6TLZ6TEKBtXhBNTpLE8P =7/Nf -----END PGP SIGNATURE-----
Current thread:
- CVE Request: Linux Kernel - Leak information in cdrom driver. Jonathan Salwan (Jun 06)
- Re: CVE Request: Linux Kernel - Leak information in cdrom driver. Kurt Seifried (Jun 10)