oss-sec mailing list archives

Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE


From: P J P <ppandit () redhat com>
Date: Tue, 9 Apr 2013 11:47:10 +0530 (IST)

+-- On Mon, 8 Apr 2013, Dan Carpenter wrote --+
| I'm confused why you are using the word "always" and "Unless
| `access_ok()' in `__get_user' returns 0".  I don't understand what
| you are saying.

  Well, always because __access_ok as defined in include/asm-generic/uaccess.h 
always returns true.

===
static inline int __access_ok(unsigned long addr, unsigned long size)
{
        return 1;
}
===
 
| Anyway, the bottom line is that the x86 version of get_user()
| doesn't have an info leak and the asm-generic version does.

  I see, that's when asm-generic __access_ok is overridden by another 
definition?

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team
DB7A 84C5 D3F9 7CD1 B5EB  C939 D048 7860 3655 602B

