| Summary: | Kernel: net: memory leak in recvmsg handlermsg name & msg_namelen logic (CVE-2013-6463) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Samuel Damashek (RETIRED) <sdamashek> |
| Component: | Kernel | Assignee: | Gentoo Kernel Security <security-kernel> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | kernel |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.openwall.com/lists/oss-security/2013/12/31/6 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
Fixed in 3.13 |
From ${URL} : Linux kernel built with the networking support(CONFIG_NET) is vulnerable to an information leakage flaw in the socket layer. It could occur while doing recvmsg(2), recvfrom(2) socket calls. It occurs due to improperly initialised msg_name & msg_namelen message header parameters. A user/program could use this flaw to leak information from kernel memory bytes. Upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1039845