oss-sec mailing list archives
Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy
From: cve-assign () mitre org
Date: Fri, 3 Jun 2016 11:11:58 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
There was an infoleak vulnerability in function rds_inc_info_copy of file net/rds/recv.c. The last field "flags" of object "minfo" is not initialized. Copying this object out may leak kernel stack data. Assign 0 to it to avoid leak. https://patchwork.ozlabs.org/patch/629110/ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb
Use CVE-2016-5244. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXUZw/AAoJEHb/MwWLVhi2aiUP/07OBwM0MtVy/t1KcZL8v7DD vIAzXg1kSR91f+gtrWhJCblBVwd86MnuLFxEersj7sVhNi+Cxt+LS952cCdXvjqu ELT1u3iZyOfW2h5kUrZIQKJgPggdbEikR6dRl+rsd/qAIzFvdqE0PFxXU1EIfkHi lKYdwS8X/Tnw3mo2D5pMXa3K1dIbq5XZZNIvvlYD/owgzu6z9k9eRmwDe+HRZOIW euBGQ/Wx1gD3/DfNot0rXguVP9C43079FVCrr8LIcQh2ogszb4coYIU2+KYObbbk +ZrOXkHY+n6B2sy2kirqoN01G8YThfc7Hcl9qsYB2ZuaHJdCMRAgP/nhY8kgytDF ivIqbx01dJQ+ce+T/J9hjkWNE8FN5QvcLAypZcVRsHC/fuue1GUD0jQpGLbSJUBY GoQ1pPiz7aojimx41dh0hGO2N0WQyzujo5OLCiHi2IQ+Mv/9Qtduh+2wfRxGMjWU ydLveWg4kj2Ao2eqn/j6XOpSu6vE1fB1qX8+VBRO+o44g2p8Y7nM0MskYhZ3ayAY sy/nuBTBO4W0Q+xwjh1bIJkC1KraLYXPoHdhmviWIAd95xO5+5Uqy6jtwTjiATQx wCFEB0e+zqHF+XJJfYk9oBb4H/jzpZvJdl5xMtHT+nLuDYz3kmL5InTGBufRD6p2 eyF4kMXone5kZVbr/kTB =O3Ht -----END PGP SIGNATURE-----
Current thread:
- CVE Request: rds: fix an infoleak in rds_inc_info_copy Kangjie Lu (Jun 03)
- Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy cve-assign (Jun 03)