oss-sec mailing list archives
Re: CVE Request: kernel information leak vulnerability in rtnetlink
From: cve-assign () mitre org
Date: Wed, 4 May 2016 21:52:56 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=5f8e44741f9f216e33736ea4ec65ca9ac03036e6 The stack object "map" has a total size of 32 bytes. Its last 4 bytes are padding generated by compiler. These padding bytes are not initialized and sent out via "nla_put".
Use CVE-2016-4486. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXKqYNAAoJEHb/MwWLVhi2EdUP/RIO/SA8d2WsiaJyLwJLoQSV 77k+i/mgXGKQUuVG9KApheKLDuM4QRpfpyWB79EoxIiFxy5zT5KRXguulB+vN76q nrgzhqiZgc8TvgAdEQr3i86puQ4VA36uJOUacFC3eStAuw45SKQ5ChZHV0Nfdqsy AEu49fX6w4Q5dS+1Yio56VxwHMiIzlYCP4gkxlH06FGEKWl/mOcMVmMCzqNEPsZF 8fP5BLHVNoPPkltC+DBxK3cs9ZBG8zWhB1luUeE5S94o6Z6lhfG07Nz9F2LOf3C+ 90F8opyziBmEcijmoryHXZpWwnD9cyNQ0RDSkIrCyGg09wi877bPCJGs2sExjlWB CcPusVTzJDtaOgplalD3jAEEcY20PWXyymQyMUZXRqiIY1Ec0mhxz79LhJVE7JZZ oSC9ZHJ8yGWTPuM6eyb2UPFk8D1ziBni5LuPvv/qPvuYRnovxm2+UwQ4Iwy7/8QK bxqbvdIG/QTk/B2iHGT5BVWuW+FptwB8GIyj67cOj/inlfqGEfMGcSSeQGpUOazJ Yum4tZId8rXJvYbvamqSCBP/TI98qCUY/vcC7O0YokHwckuedADwvv3f9O0eEgo6 JHiQwOfmfvqT+NHqAfcD30Rp5iYR9E+5T2V4pVYOrhsvEYMaAMVwD55zjq6JUs9l YaJM/r2HLeVmGieWsc8Z =iyrM -----END PGP SIGNATURE-----
Current thread:
- CVE Request: kernel information leak vulnerability in rtnetlink Kangjie Lu (May 04)
- Re: CVE Request: kernel information leak vulnerability in rtnetlink cve-assign (May 04)