oss-sec mailing list archives

Re: CVE request: Linux kernel - information leak in md driver

From: cve-assign () mitre org
Date: Wed, 29 Jul 2015 08:42:07 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=77ba0569d4c8389c0a2162ab0c7c16a6f3b199e4

copy_to_user(arg, file, sizeof(*file))

But if bitmap is disabled only the first byte of "file" is initialized
with zero, so it's possible to read some bytes (up to 4095) of kernel
space memory from user space. This is an information leak.


Use CVE-2015-5697.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJVuMluAAoJEKllVAevmvmskpAH/A1Dle9yejWQdgy/N6rIdg7h
i1no4dsolizpN4guZdu0gLpGstSJFWsc+fFD5eAuNLh0+fYNI8nCPFRBbBDShS7f
v3Fsniw+WX6J4Tqk61AS19OwX2Zo7TNctllbqyios7omfb52Jaf6aYamEZIOotfJ
v9WtiHSzOHD2d/2dY5JiBxO40lmJL6hsl1QzIYJqKF64I8IZ/cgYYcF0fVhE4Dk7
G7TEIm5kf0dx1JoGcI0rINPo3un20zFzcpnfl7PbAdDwc7qUzW/QfrpnF1K4b6gU
FeB5fswttGrehaVYd82DcSR39hJjWZlkM4lPCwyGCt58TsHb7AVYuwC8AcsHcSM=
=MXkB
-----END PGP SIGNATURE-----

Current thread:

CVE request: Linux kernel - information leak in md driver Benjamin Randazzo (Jul 28)
- Re: CVE request: Linux kernel - information leak in md driver cve-assign (Jul 29)