oss-sec mailing list archives
CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt
From: Eugene Teo <eugeneteo () kernel sg>
Date: Fri, 20 Feb 2009 14:15:36 +0800
According to the upstream commit df0bca049d01c0ee94afb7cd5dfd959541e6c8da "net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2" in linux-2.6's git, there is a missing initialisation of optval v.val that can be directly returned to userspace when getsockopt() is called with SO_BSDCOMPAT optname set. http://patchwork.kernel.org/patch/6816/ https://bugzilla.redhat.com/show_bug.cgi?id=486305 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da Thanks, Eugene
Current thread:
- CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Feb 19)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Steven M. Christey (Feb 22)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Feb 23)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Feb 24)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Steven M. Christey (Mar 02)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Mar 02)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Mar 03)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Florian Weimer (Mar 04)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Eugene Teo (Feb 23)
- Re: CVE request: kernel: memory disclosure in SO_BSDCOMPAT gsopt Steven M. Christey (Feb 22)