626720 – Linux kernel: net/irda/af_irda.c: irda_getsockopt() stack infoleak

Bug 626720 - Linux kernel: net/irda/af_irda.c: irda_getsockopt() stack infoleak

Summary: Linux kernel: net/irda/af_irda.c: irda_getsockopt() stack infoleak

Status:	RESOLVED DUPLICATE of bug 466754

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Kernel Security

URL:	https://vuldb.com/?id.8497
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-07-31 17:23 UTC by D'juan McDonald (domhnall)
Modified:	2017-08-25 00:56 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description D'juan McDonald (domhnall) 2017-07-31 17:23:07 UTC

On Mon, Jul 31, 2017 at 04:03:57PM +0100, John Haxby wrote:

    On 30/07/17 05:47, sohu0106 wrote:

        net/irda/af_irda.c

        Sometimes irda_getsockopt() doesn't initialize all members of list field of irda_device_list struct.  This 
        structure is then copied to
        userland.  It leads to leaking of contents of kernel stack memory.  We have to initialize them to zero , or it will 
        allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this 
        structure

        https://github.com/torvalds/linux/pull/440


Reproducible: Always

Comment 1 D'juan McDonald (domhnall) 2017-08-25 00:56:02 UTC

Closing as duplicate of https://bugs.gentoo.org/show_bug.cgi?id=466754

 See ${URL}:
https://vuldb.com/?id.8497

*** This bug has been marked as a duplicate of bug 466754 ***