oss-sec mailing list archives
CVE Request: rds: fix an infoleak in rds_inc_info_copy
From: Kangjie Lu <kangjielu () gmail com>
Date: Fri, 3 Jun 2016 15:30:02 +0200
Hello, There was an infoleak vulnerability in function rds_inc_info_copy of file net/rds/recv.c. The last field "flags" of object "minfo" is not initialized. Copying this object out may leak kernel stack data. Assign 0 to it to avoid leak. Fix info: https://patchwork.ozlabs.org/patch/629110/ Please help assign a CVE to this vulnerability. Thanks, Kangjie Lu
Current thread:
- CVE Request: rds: fix an infoleak in rds_inc_info_copy Kangjie Lu (Jun 03)
- Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy cve-assign (Jun 03)