| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 10 Jun 2013 14:58:22 +0200 From: Pablo Neira Ayuso <pablo@...filter.org> To: Simon Horman <horms@...ge.net.au> Cc: Dan Carpenter <dan.carpenter@...cle.com>, Wensong Zhang <wensong@...ux-vs.org>, Julian Anastasov <ja@....bg>, Patrick McHardy <kaber@...sh.net>, Jozsef Kadlecsik <kadlec@...ckhole.kfki.hu>, "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org, lvs-devel@...r.kernel.org, netfilter-devel@...r.kernel.org, netfilter@...r.kernel.org, coreteam@...filter.org, kernel-janitors@...r.kernel.org Subject: Re: [patch] ipvs: info leak in __ip_vs_get_dest_entries() On Mon, Jun 10, 2013 at 05:38:50PM +0900, Simon Horman wrote: > On Mon, Jun 03, 2013 at 12:00:49PM +0300, Dan Carpenter wrote: > > The entry struct has a 2 byte hole after ->port and another 4 byte > > hole after ->stats.outpkts. You must have CAP_NET_ADMIN in your > > namespace to hit this information leak. > > > > Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com> > > Signed-off-by: Simon Horman <horms@...ge.net.au> > > Pablo, could you take this directly into your tree. Applied, thanks Simon. > If possible for v3.10. It also appears to be relevant for stable. Sure, will do. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists