Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 494086 - Kernel: Genlock: Uninitialized data read (CVE-2013-6392)
Summary: Kernel: Genlock: Uninitialized data read (CVE-2013-6392)
Status: IN_PROGRESS
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-12-12 20:19 UTC by GLSAMaker/CVETool Bot
Modified: 2022-10-15 02:50 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2013-12-12 20:19:41 UTC 
CVE-2013-6392 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6392):
  The genlock_dev_ioctl function in genlock.c in the Genlock driver for the
  Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android
  contributions for MSM devices and other products, does not properly
  initialize a certain data structure, which allows local users to obtain
  sensitive information from kernel stack memory via a crafted
  GENLOCK_IOC_EXPORT ioctl call.


Unclear if this one is fixed.
Comment 1 Mike Pagano gentoo-dev 2022-03-28 17:04:46 UTC 
I found references to this only in the Kernel tree for Qualcomm chipsets.
Which we don't ship.