[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-hams
Subject: Re: SECURITY: Some type of NETROM frames contain random fragments of data from memory
From: Ralf Baechle DL5RB <ralf () linux-mips ! org>
Date: 2021-07-22 12:48:46
Message-ID: YPlpLpL3Yrz/YE6R () linux-mips ! org
[Download RAW message or body]
On Thu, Jul 22, 2021 at 01:40:23PM +0200, Dave van der Locht wrote:
> With Linux kernel 5.4 and up I've noticed some type of NETROM frames
> (conn, disc, etc.) contain random fragments of data from memory.
> I've seen all kinds of data fragments with security sensitive
> information in them depending on the software running.
>
> Those random data fragments seem to appear only in some NETROM frames,
> haven't noticed them in any other frame type.
>
> Most, if not all, remote node software seems to ignore those fragments
> and it won't be noticed until you capture the AX.25 over UDP frames.
> You'll see the frames are larger than expected and contain random
> fragments of data from (shared?) memory.
>
> I've tested this with several 5.4 and 5.10 kernel versions
> distributions and they all seem to leak security sensitive information
> the same way into NETROM frames. Mostly logging data, but I've also
> seen MySQL data and other random fragments of data.
> I've also tested with kernel 4.19, which doesn't seem te be affected.
While that's not as accurate as a git bisect, it's good start. Can you
provide a dump of such packets?
Ralf
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic