oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: kernel information leak vulnerability in rtnetlink

From: cve-assign () mitre org
Date: Wed, 4 May 2016 21:52:56 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6

The stack object "map" has a total size of 32 bytes. Its last 4 bytes
are padding generated by compiler. These padding bytes are not
initialized and sent out via "nla_put".


Use CVE-2016-4486.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXKqYNAAoJEHb/MwWLVhi2EdUP/RIO/SA8d2WsiaJyLwJLoQSV
77k+i/mgXGKQUuVG9KApheKLDuM4QRpfpyWB79EoxIiFxy5zT5KRXguulB+vN76q
nrgzhqiZgc8TvgAdEQr3i86puQ4VA36uJOUacFC3eStAuw45SKQ5ChZHV0Nfdqsy
AEu49fX6w4Q5dS+1Yio56VxwHMiIzlYCP4gkxlH06FGEKWl/mOcMVmMCzqNEPsZF
8fP5BLHVNoPPkltC+DBxK3cs9ZBG8zWhB1luUeE5S94o6Z6lhfG07Nz9F2LOf3C+
90F8opyziBmEcijmoryHXZpWwnD9cyNQ0RDSkIrCyGg09wi877bPCJGs2sExjlWB
CcPusVTzJDtaOgplalD3jAEEcY20PWXyymQyMUZXRqiIY1Ec0mhxz79LhJVE7JZZ
oSC9ZHJ8yGWTPuM6eyb2UPFk8D1ziBni5LuPvv/qPvuYRnovxm2+UwQ4Iwy7/8QK
bxqbvdIG/QTk/B2iHGT5BVWuW+FptwB8GIyj67cOj/inlfqGEfMGcSSeQGpUOazJ
Yum4tZId8rXJvYbvamqSCBP/TI98qCUY/vcC7O0YokHwckuedADwvv3f9O0eEgo6
JHiQwOfmfvqT+NHqAfcD30Rp5iYR9E+5T2V4pVYOrhsvEYMaAMVwD55zjq6JUs9l
YaJM/r2HLeVmGieWsc8Z
=iyrM
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: