oss-sec mailing list archives
CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump
From: Kangjie Lu <kangjielu () gmail com>
Date: Fri, 3 Jun 2016 15:26:24 +0200
Hello, In function tipc_nl_compat_link_dump of file net/tipc/netlink_compat.c, link_info.str is a char array of size 60. Memory after the NULL byte is not initialized. Sending the whole object out can cause a leak of sensitive info in kernel stack. Fix info: https://patchwork.ozlabs.org/patch/629100/ Please help assign a CVE to this vulnerability. Thanks, Kangjie Lu
Current thread:
- CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump Kangjie Lu (Jun 03)
- Re: CVE Request: tipc: an infoleak in tipc_nl_compat_link_dump cve-assign (Jun 03)