[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-hams
Subject:    Re: SECURITY: Some type of NETROM frames contain random fragments of data from memory
From:       Ralf Baechle DL5RB <ralf () linux-mips ! org>
Date:       2021-07-22 12:48:46
Message-ID: YPlpLpL3Yrz/YE6R () linux-mips ! org
[Download RAW message or body]

On Thu, Jul 22, 2021 at 01:40:23PM +0200, Dave van der Locht wrote:

> With Linux kernel 5.4 and up I've noticed some type of NETROM frames
> (conn, disc, etc.) contain random fragments of data from memory.
> I've seen all kinds of data fragments with security sensitive
> information in them depending on the software running.
> 
> Those random data fragments seem to appear only in some NETROM frames,
> haven't noticed them in any other frame type.
> 
> Most, if not all, remote node software seems to ignore those fragments
> and it won't be noticed until you capture the AX.25 over UDP frames.
> You'll see the frames are larger than expected and contain random
> fragments of data from (shared?) memory.
> 
> I've tested this with several 5.4 and 5.10 kernel versions
> distributions and they all seem to leak security sensitive information
> the same way into NETROM frames. Mostly logging data, but I've also
> seen MySQL data and other random fragments of data.
> I've also tested with kernel 4.19, which doesn't seem te be affected.

While that's not as accurate as a git bisect, it's good start.  Can you
provide a dump of such packets?

  Ralf
[prev in list] [next in list] [prev in thread] [next in thread]