Re: CVE Request: Linux Kernel - Leak information in cdrom driver.

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/06/2013 02:19 AM, Jonathan Salwan wrote:
> Hi,
>
> When we read a block from the disk it normally fills a buffer but
> if the drive is malfunctioning there is a chance that it would only
> be partially filled. The result is an leak information to
> userspace.
>
> Patch applied and committed in the next-line :
>
> http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/drivers/cdrom/cdrom.c?id=050e4b8fb7cdd7096c987a9cd556029c622c7fe2
>
>
>
> Could you allocate a CVE id for this?
>
> Thanks,
>
> -- Jonathan

Please use CVE-2013-2164  for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRtjl0AAoJEBYNRVNeJnmT4jYP/j5kSrPLMXfLHBJbR785g2Fw
ujkzjDE7i3X8VhQRHHkdCzxbFQR8dgyo56yHY0QDc6medL0oCH59lqYB8Wtn0T0E
k2FalBNnjRz5Le0u2GCeokMQGBcb03wSnnQ5sBLWsJEWcZHm3RQWfR7QSdUKcPfs
Q3fTb8hvqDikCEivmBbRbFUPP2wxJkLOoWeyrcpzrkCEsMLFUT3DAS7mKrAZui2G
hvuVFtQvAHidLuURxf0MqbQVvPZKZPsAY63EWEz8k7fPfg8p3PrhfArZzRqMRkHH
pXj3fglBbMTnmq4EV7ipHwL9PgCcN5xBm9xmp21KGSxb76RGpUDkF/n9kxDSEApH
7Gz7rAmJeoNkGHzwqF1pS2G4Z4KQ39TBU51CQdSydFJyA8PVg7FruqouJkSh5GyT
LHliNqiS//hD+GLkRhrCwBaNUcN4NXrevcYSp7k5zoJwxgUiy3EVz03YS+aKZAqi
+d3bOlHbikZL7naHcNw8ESDVjPDtydoGYBUqhZ7XW7IR+wgDwUIzVYx1GYIO8ddf
h598y3ezPcvOhSVnMVp94TLvmRgONxoQHZLbD47voLhzxl+81DBtURTyHbuiqiTa
GS1jAczPRXewapLi0H941jN/aivxCJKzxufgeBolvKfiF5bsdN/PGzS7CSI0e1Lj
6TLZ6TEKBtXhBNTpLE8P
=7/Nf
-----END PGP SIGNATURE-----