[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20090223.153859.265316948.davem@davemloft.net>
Date: Mon, 23 Feb 2009 15:38:59 -0800 (PST)
From: David Miller <davem@...emloft.net>
To: eugeneteo@...nel.sg
Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
mpatocka@...hat.com
Subject: Re: net: amend the fix for SO_BSDCOMPAT gsopt infoleak
From: Eugene Teo <eugeneteo@...nel.sg>
Date: Tue, 24 Feb 2009 00:41:12 +0800
> The fix for CVE-2009-0676 (upstream commit df0bca04) is incomplete. Note
> that the same problem of leaking kernel memory will reappear if someone
> on some architecture uses struct timeval with some internal padding (for
> example tv_sec 64-bit and tv_usec 32-bit) --- then, you are going to
> leak the padded bytes to userspace.
>
> Signed-off-by: Eugene Teo <eugeneteo@...nel.sg>
> Reported-by: Mikulas Patocka <mpatocka@...hat.com>
Applied and queued up for -stable, thanks Eugene.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists