[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4D7DD02A.2050307@redhat.com>
Date: Mon, 14 Mar 2011 16:22:02 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE requests - kernel: tpm infoleaks
[PATCH 1/3] char/tpm: Fix uninitialized usage of data buffer
http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=459e0537ebb7b786cd29a26f4e41c721632cd840
infoleak
[PATCH 2/3] char/tpm: Call tpm_transmit with correct size
http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=f0bbed1ee49a4779dfb32159fea669ced8789336
infoleak
[PATCH 3/3] char/tpm: zero buffer after copying to userspace
http://tpmdd.git.sourceforge.net/git/gitweb.cgi?p=tpmdd/tpmdd;a=commitdiff;h=44480e4077cd782aa8f54eb472b292547f030520
prevents storing of previous result, leakage to other drivers
Credit to Peter Huewe.
https://bugzilla.redhat.com/show_bug.cgi?id=684671
Thanks, Eugene
--
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
