oss-sec mailing list archives
CVE Request: Earlier AF_KEY in key_notify_policy_flush
From: Marcus Meissner <meissner () suse de>
Date: Wed, 3 Jul 2013 11:02:13 +0200
Hi, Michal Hocko identified an earlier patch for an AF_KEY information leak, in nearly the same place as CVE-2013-2234. Due to different time of fix and different researcher probably needs a new CVE. Ciao, Marcus commit 85dfb745ee40232876663ae206cba35f24ab2a40 Author: Nicolas Dichtel <nicolas.dichtel () 6wind com> Date: Mon Feb 18 16:24:20 2013 +0100 af_key: initialize satype in key_notify_policy_flush() This field was left uninitialized. Some user daemons perform check against this field. Signed-off-by: Nicolas Dichtel <nicolas.dichtel () 6wind com> Signed-off-by: Steffen Klassert <steffen.klassert () secunet com>
Current thread:
- CVE Request: Earlier AF_KEY in key_notify_policy_flush Marcus Meissner (Jul 03)
- Re: CVE Request: Earlier AF_KEY in key_notify_policy_flush Marcus Meissner (Jul 03)
- Re: CVE Request: Earlier AF_KEY in key_notify_policy_flush Kurt Seifried (Jul 03)
- Re: CVE Request: Earlier AF_KEY in key_notify_policy_flush Marcus Meissner (Jul 03)