oss-sec mailing list archives
Re: kernel: fix minor infoleak in get_user_ex()
From: <cve-assign () mitre org>
Date: Fri, 4 Nov 2016 03:08:48 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
get_user_ex(x, ptr) should zero x on failure. It's not a lot of a leak (at most we are leaking uninitialized 64bit value off the kernel stack, and in a fairly constrained situation https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1c109fabbd51863475cd12ac206bdd249aee35af https://lwn.net/Articles/705264/
Use CVE-2016-9178. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYHDIZAAoJEHb/MwWLVhi2IVYP/R24MqfqIc1TDy62xNPR8gcu AagimLd3Vuuqyjf63QNercHvGfDoYnwg/94OsLR/mX+jzd2M4tfXxb4Jr5Rfiul6 9rkwX+/Fd8E5gRu6N494xtbgPOsUApgMAspLOc7iUJ8pUcxe7A1k47F+xJovTeKx ode5Atqdzgp1yN0QEPcxLG+6fyhDpBG4wwxKaYxDT5CLjkG7PWlNbGmsKhJjCpcA Dlj/mLNI9nQL0qXIG3tLJfZ+sNOn0Ptq3VPz4osrEVZpGkr0+xQWHpmNYZg0pc80 gmJVIkPH1DnnMeGh88amjMSk3sCGvSiUZKOU8fLPHwYZOBC7Ka44GEBq4yX1CjhD L5wrMxJAZQVavRbTK4FEsj2agNkBoTSYwiZvMrQioW8CPwJN3WAaVLZiGx6f62Kc OmFXfltVjFHmMfxyEi4hcyVVNAD0XeIz+gxV9vAFebtbwnjvdRd0uQ7pnwpiYP9N E+PoZWZMyzhVciI0+UFhxABhA8rPX3ceWH0LiNKzCj2CwZJTwJVbLdLbLih5/7rZ WNZf/oaV67rAVF5fVwIFhO7+ihyiOIlgduphxgshAgZSBl3UTTuDqQKpaCld6Zhv G2RUyZy7LPCQysCYhzmFfXoc2mnI1xSgRTtUwhjAHdrIMnFt9FshiADMXcSxdd4G OxELxPZCTGX4qVO3xmty =RnaX -----END PGP SIGNATURE-----
Current thread:
- kernel: fix minor infoleak in get_user_ex() Shawn (Nov 03)
- Re: kernel: fix minor infoleak in get_user_ex() cve-assign (Nov 04)
- Re: Re: kernel: fix minor infoleak in get_user_ex() Moritz Muehlenhoff (Nov 07)
- Re: kernel: fix minor infoleak in get_user_ex() cve-assign (Nov 28)
- Re: Re: kernel: fix minor infoleak in get_user_ex() Moritz Muehlenhoff (Nov 07)
- Re: kernel: fix minor infoleak in get_user_ex() cve-assign (Nov 04)