oss-sec mailing list archives
Re: CVE Request: information leak in AF_KEY notify messages
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 02 Jul 2013 14:50:06 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/01/2013 09:10 AM, Marcus Meissner wrote:
Hi, found in the mainline kernel git: commit a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887 Author: Mathias Krause <minipli () googlemail com> Date: Wed Jun 26 23:52:30 2013 +0200 af_key: fix info leaks in notify messages key_notify_sa_flush() and key_notify_policy_flush() miss to initialize the sadb_msg_reserved member of the broadcasted message and thereby leak 2 bytes of heap memory to listeners. Fix that. Signed-off-by: Mathias Krause <minipli () googlemail com> Cc: Steffen Klassert <steffen.klassert () secunet com> Cc: "David S. Miller" <davem () davemloft net> Cc: Herbert Xu <herbert () gondor apana org au> Signed-off-by: David S. Miller <davem () davemloft net> Ciao, Marcus
FYI please include link to commit, makes life quicker. http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887 Please use CVE-2013-2234 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJR0zz9AAoJEBYNRVNeJnmTbqkP/ReXQ9G1f/HdFkK6seMmC1Ie B6Bam0x4DjbDMYXcZIqbxh4ld5XsEvJEAwF4Yc63v2GpXAJDQoi3ZtgLBeds6ImE SDYBPGiFw5puNINeOzn4ORSvdZyJLnvbzlRhRuioAfdW3KNNY2kv1N39+XEBke7t +rqdAPs9cLt2W6Wrqk8o07LKFaWlUPOnQ87hNvilfvx6EKQp+WQlHSLpEscj9JDM 7g/S+sLaMkvi8DigdXV6YBav+wbcQlaEhu78Txwnp1W7YvsEd/tAkZZn06n1lRQF DDJ9txCw2QUWL2bHbKNbmIlepLpHQy54mFfSpm/7Sdh0KZtHjlfPMGnp42t1Cqwa M0F8RoYkVHT0iWQk0YWhtJxpyXF5THgyEP3YfGOu8LyiPauyviJNXhIO6ulw+J8+ VonWrbYSevDlESpmWzLu24n+HiUzHt1SOVp76upTOID6XIR2wEHwivX3QVQhe3FU FxQX01UY4Uy1n7A4ZYS+oB59YWe1AMSLrIS+A7fSbRdaqtnFrZLSDoMx8iU2WbmT ZGrP80fXA15GjrsmMYkyxwMRE4HwAirVpreYAvKZDszqJJMivpdzUoNp55R0hVnV IzDj5t+U5mxL0QUvlS5ZDDiC4NJnMlA9M1iHIXPq4pG7/x4LasW2aiC1PeA4rRkj 3jYnaYd9zqi+CpY3LHb8 =hnaQ -----END PGP SIGNATURE-----
Current thread:
- CVE Request: information leak in AF_KEY notify messages Marcus Meissner (Jul 01)
- Re: CVE Request: information leak in AF_KEY notify messages Kurt Seifried (Jul 02)