oss-sec mailing list archives
Re: CVE split and a missed file
From: cve-assign () mitre org
Date: Thu, 9 Jan 2014 17:01:16 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-> net/ax25/af_ax25.c
The unpatched code does not have the fundamental problem of updating msg_namelen in a situation where "sax" is uninitialized.
-> net/rose/af_rose.c
The unpatched code does not have the fundamental problem of updating msg_namelen in a situation where "srose" is uninitialized.
-> net/compat.c
This is for the case of a nonzero msg_namelen accompanied by a NULL msg_name, as mentioned in the comment in the commit. The same choice was made in net/core/iovec.c (a file that you didn't ask about).
-> net/socket.c
Lack of "msg_namelen = 0" statements is not something that would really be considered a vulnerability in the previous net/socket.c implementation. From the perspective of net/socket.c itself, the "msg_namelen = 0" additions are a design improvement that can contribute to the security of other code.
-> net/rxrpc/ar-recvmsg.c
The complete absence of a "msg_namelen =" statement in the unpatched code seems to be a bug, but it's not the same as updating msg_namelen in an uninitialized-data situation. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJSzxprAAoJEKllVAevmvmsUzMH/3VKhBHQipalZA4G+8mkscZK fanNLNwhBXK61rhbQwewXbKAJu2/zuJlCYGiPJcMQ9zIUgRIl4cyDQMK0Wh9JtXc 0ThbrKFWx6Iwan6q/ygs7uX3jMJK2bhnjob8zt1ZN1etrsyTP4cIityk2n/nJf3e HTeys00RVSUwo6P33EvVjYep8qvsf4ZzZq5Bh+WhxapgU0eCHisZ4+aKfOcvaIB4 qEJjVmr783/jSq0SlKEk9pKeeu6gLhcU0mrdQQ9fOEo3Bvp574W7jjel1IKPFpfO OE+mP0ULvsE+cH1H/5WTLsxEAyK0GowfCiBH+5M/xdu/AXPx1hsZg4V9p40JnZ4= =mqWd -----END PGP SIGNATURE-----
Current thread:
- CVE split and a missed file P J P (Jan 06)
- Re: CVE split and a missed file P J P (Jan 07)
- Re: CVE split and a missed file cve-assign (Jan 08)
- Re: CVE split and a missed file P J P (Jan 09)
- RE: CVE split and a missed file Christey, Steven M. (Jan 09)
- Re: CVE split and a missed file cve-assign (Jan 09)
- Re: CVE split and a missed file cve-assign (Jan 08)
- Re: CVE split and a missed file P J P (Jan 07)
- Re: CVE split and a missed file cve-assign (Jan 08)