oss-sec mailing list archives

CVE Request: kernel information leak vulnerability in llc module

From: Kangjie Lu <kangjielu () gmail com>
Date: Wed, 4 May 2016 16:43:36 -0400

Hello,

We found a kernel information leak vulnerability in the llc module.
In the file "net/llc/af_llc.c", The stack object “info” has a total size of
12 bytes. Its last byte is padding which is not initialized and leaked
via “put_cmsg”.

Our patch to this vulnerability has been accepted and applied by
linux kernel maintainer (please refer to the message bellow).

Fix info:
http://marc.info/?l=linux-netdev&m=146239325130106&w=2
http://marc.info/?l=linux-kernel&m=146239321930088&w=2


Please help assign a CVE to this vulnerability.



Thanks a lot!
Kangjie Lu




---------- Forwarded message ----------
From: David Miller <davem () davemloft net>
Date: Wed, May 4, 2016 at 4:20 PM
Subject: Re: [PATCH] fix infoleak in llc
To: kangjielu () gmail com
Cc: acme () ghostprotocols net, netdev () vger kernel org,
linux-kernel () vger kernel org, taesoo () gatech edu, insu () gatech edu,
kjlu () gatech edu


From: Kangjie Lu <kangjielu () gmail com>
Date: Tue,  3 May 2016 16:35:05 -0400

The stack object “info” has a total size of 12 bytes. Its last byte
is padding which is not initialized and leaked via “put_cmsg”.

Signed-off-by: Kangjie Lu <kjlu () gatech edu>


Applied.

Current thread:

CVE Request: kernel information leak vulnerability in llc module Kangjie Lu (May 04)
- Re: CVE Request: kernel information leak vulnerability in llc module cve-assign (May 04)