[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: Linux kernel: net: uninitialised memory leakage
From: P J P <ppandit () redhat ! com>
Date: 2013-11-28 18:38:26
Message-ID: alpine.LFD.2.10.1311282349500.21295 () wniryva ! cad ! erqung ! pbz
[Download RAW message or body]
Hello Hannes,
+-- On Thu, 28 Nov 2013, Hannes Frederic Sowa wrote --+
| This patch does break stuff, a follow-up is needed which did not get to
| Linus yet, but is already queued up for stable. Otherwise traceroute is
| broken:
|
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=85fbaa75037d0b6b786ff18658ddf0b4014ce2a4
I see. Thanks so much for the heads-up and link to the follow-up patch.
| I found other leaks in non-inet protocols:
|
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
|
| The protocols where I did remove msg_namelen = 0 where actually
| safe. Some of the protocols I did not touch could leak up to 128 bytes
| of uninitialized data from the stack.
|
| Hardening against out-of-bounds writes:
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=68c6beb373955da0886d8f4f5995b3922ceda4be
|
| Also there is a small 2-bytes memory leak in extended error reporting:
| https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=68c6beb373955da0886d8f4f5995b3922ceda4be
Thank you for sharing these too!
Thank you! :)
--
Prasad J Pandit / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic