[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 15 Sep 2010 11:49:45 -0400
From: Dan Rosenberg <dan.j.rosenberg@...il.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>, jeffm@...e.com
Subject: Re: CVE request: kernel: numerous infoleaks
Jeff Mahoney correctly pointed out that the first case
(drivers/net/tulip/de4x5.c) is not a security issue because the copied
data is from a union, not a struct. I've gone through these again to
confirm that the remaining three are actually security issues.
Therefore, CVE-2010-3295 should be marked as invalid.
-Dan
On Tue, Sep 14, 2010 at 3:26 PM, Josh Bressers <bressers@...hat.com> wrote:
> ----- "Eugene Teo" <eugene@...hat.com> wrote:
>
>> Reported by Dan Rosenberg,
>>
>> drivers/net/tulip/de4x5.c: reading uninitialized stack memory
>> http://lkml.org/lkml/2010/9/11/169
>> https://bugzilla.redhat.com/633158
>
> CVE-2010-3295
>
>>
>> drivers/net/cxgb3/cxgb3_main.c reading uninitialized stack memory
>> http://lkml.org/lkml/2010/9/11/170
>> introduced in 4d22de3e (v2.6.21-rc2)
>> https://bugzilla.redhat.com/633149
>
> CVE-2010-3296
>
>>
>> drivers/net/eql.c: reading uninitialized stack memory
>> http://lkml.org/lkml/2010/9/11/168
>> https://bugzilla.redhat.com/633145
>
> CVE-2010-3297
>
>>
>> drivers/net/usb/hso.c: reading uninitialized memory
>> http://lkml.org/lkml/2010/9/11/167
>> introduced in 542f5482 (v2.6.29-rc1)
>> https://bugzilla.redhat.com/633140
>>
>
> CVE-2010-3298
>
> Thanks.
>
> --
> JB
>
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
