oss-sec mailing list archives
Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE
From: P J P <ppandit () redhat com>
Date: Tue, 9 Apr 2013 11:47:10 +0530 (IST)
+-- On Mon, 8 Apr 2013, Dan Carpenter wrote --+ | I'm confused why you are using the word "always" and "Unless | `access_ok()' in `__get_user' returns 0". I don't understand what | you are saying. Well, always because __access_ok as defined in include/asm-generic/uaccess.h always returns true. === static inline int __access_ok(unsigned long addr, unsigned long size) { return 1; } === | Anyway, the bottom line is that the x86 version of get_user() | doesn't have an info leak and the asm-generic version does. I see, that's when asm-generic _access_ok is overridden by another definition? Thank you. -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B
Current thread:
- CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Marcus Meissner (Apr 05)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Kurt Seifried (Apr 05)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE P J P (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Dan Carpenter (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE P J P (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Dan Carpenter (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Dan Carpenter (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE P J P (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE P J P (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE P J P (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Dan Carpenter (Apr 08)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE P J P (Apr 09)
- Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE Dan Carpenter (Apr 08)