oss-security September 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE request: kernel: xfs: XFS_I

Re: [oss-security] CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak

From: Josh Bressers <bressers_at_nospam>
Date: Tue Sep 07 2010 - 19:33:33 GMT
To: oss-security@lists.openwall.com

Please use CVE-2010-3078

Thanks.

-- JB ----- "Eugene Teo" <eugene@redhat.com> wrote: > From Dan Rosenberg, "the XFS_IOC_FSGETXATTR ioctl allows unprivileged > > users to read 12 bytes of uninitialized stack memory, because the > fsxattr struct declared on the stack in xfs_ioc_fsgetxattr() does not > > alter (or zero) the 12-byte fsx_pad member before copying it back to > the > user." > > http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html > https://bugzilla.redhat.com/show_bug.cgi?id=630804 > > Thanks, Eugene > -- > main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); > }