oss-sec mailing list archives
Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc
From: cve-assign () mitre org
Date: Wed, 21 Oct 2015 17:49:27 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
* vivid-osd.c - osd support for testing overlays. * * Copyright 2014 Cisco Systems, Inc. http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c fails to initialize the 16 _reserved bytes of struct fb_vblank
Use CVE-2015-7884.
* Copyright 2003 Digi International (www.digi.com) * This file implements the mgmt functionality for the * Neo and ClassicBoard based product lines. http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05 fails to initialize the 16 _reserved bytes of struct digi_dinfo
Use CVE-2015-7885. (These are similar types of issues located in unrelated files that presumably were introduced into the Linux kernel at different points in the past. The code that has the missing memset lines is also included in downloads such as https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.2.3.tar.xz.) - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWKAb4AAoJEL54rhJi8gl5bgsQAMParW1DV8nkU5UruaCVBSL2 TcBRj0LK/tt5NbPdp2XmA1iDVVS36F99kgFB3QkTqUMW8jtHdoFhyZJ8zaMgDEd1 h7e0Xv2S5Nh9gY72y18JCP2X7YMyAjgiL8VpnsKm2YBRxi+K9IByz7/hF1h6zZWj N2+pVK7vuQdkFvdVICBMdFxM9M0ETYrKNg+R0HU17aFKSvnh1WvyYk2lY8CPWTYh VmDV8U3xU6CYE0ZUbgbmaoKGU7Q6JsqoZ1lGzW+ic9q/g2ccvEjcid38WDBlSKUD TLztqx1B7eDkdb/CuSpuxDEkYhNAVwH3UlPft3wRx0zzXFSUGfD+FBO13MLvQtLY 3i9l1zlupXKH79A+uvDMhK6oNqLcSZeqNB+EoCYD0FPjzy0LmShVEcGsejrYgnOx /7XY/l1yvkhkyxeisrGLQuO6+XteI+9AWC+DMJa2aB7Ce25Mpo4sf4W6apLNGfZu rRxA1vKLiDYJgApXgzpL/1G3/0aYMXKMbqS8dwuQ5wzFZXrZg92kI6F/qsU7jVAB n0iZeAkDJETavV50Ie8fzwNmM9v34v+2N2E9Eo3QQYrDZS++sWRzozx4UO2f1r/2 yfQgK+4jINpA6mvE231lzULWKb57sh6oEHSUZ+HeVPog/w+dmGD/lJ5AMm+W3PPW QK2Q/TS+rGKeY/pKIzjl =zgZN -----END PGP SIGNATURE-----
Current thread:
- CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc Salva Peiró (Oct 21)
- Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc cve-assign (Oct 21)