oss-sec mailing list archives
CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer
From: Kangjie Lu <kangjielu () gmail com>
Date: Tue, 10 May 2016 15:27:58 -0400
Hello, In function snd_timer_user_ccallback() of file sound/core/timer.c, the stack object “r1” has a total size of 32 bytes. Its field “event” and “val” both contain 4 bytes padding. These 8 bytes padding bytes are sent to user without being initialized. Fix info: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6 Patch has been applied: http://comments.gmane.org/gmane.linux.kernel/2214250 Please help assign a CVE to this vulnerability. Thanks, Kangjie Lu
Current thread:
- CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer Kangjie Lu (May 10)
- Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer Takashi Iwai (May 11)
- Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer cve-assign (May 11)
- Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer Takashi Iwai (May 11)
- Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer cve-assign (May 11)
- <Possible follow-ups>
- Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer Kangjie Lu (May 11)
- Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer Takashi Iwai (May 11)