oss-security - CVE request: kernel: numerous infoleaks

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Message-ID: <4C8EF290.1070008@redhat.com>
Date: Tue, 14 Sep 2010 11:57:04 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE request: kernel: numerous infoleaks

Reported by Dan Rosenberg,

drivers/net/tulip/de4x5.c: reading uninitialized stack memory
http://lkml.org/lkml/2010/9/11/169
https://bugzilla.redhat.com/633158

drivers/net/cxgb3/cxgb3_main.c reading uninitialized stack memory
http://lkml.org/lkml/2010/9/11/170
introduced in 4d22de3e (v2.6.21-rc2)
https://bugzilla.redhat.com/633149

drivers/net/eql.c: reading uninitialized stack memory
http://lkml.org/lkml/2010/9/11/168
https://bugzilla.redhat.com/633145

drivers/net/usb/hso.c: reading uninitialized memory
http://lkml.org/lkml/2010/9/11/167
introduced in 542f5482 (v2.6.29-rc1)
https://bugzilla.redhat.com/633140

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.