Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LFD.2.10.1312101258210.28548@wniryva.cad.erqung.pbz>
Date: Tue, 10 Dec 2013 13:00:43 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
Subject: CVE request: Linux kernel: net: memory leak in recvmsg handler
 msg_name & msg_namelen logic

    Hello,

Linux kernel built with the networking support(CONFIG_NET) is vulnerable to an 
information leakage flaw in the socket layer. It could occur while doing 
recvmsg(2), recvfrom(2) socket calls. It occurs due to improperly initialised 
msg_name & msg_namelen message header parameters.

A user/program could use this flaw to leak kernel memory bytes.

Upstream fix:
-------------
  -> https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c

Reference:
----------
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1039845


Thank you.
--
Prasad J Pandit / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.