Bug 475604 (CVE-2013-2234) - Kernel : information leak in AF_KEY notify messages (CVE-2013-2234)
Alias: CVE-2013-2234
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Kernel Security
Reported: 2013-07-03 09:06 UTC by Agostino Sarubbo
Modified: 2022-03-25 15:24 UTC
Description Agostino Sarubbo gentoo-dev 2013-07-03 09:06:34 UTC
From ${URL} :

found in the mainline kernel git:

commit a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887
Author: Mathias Krause <>
Date:   Wed Jun 26 23:52:30 2013 +0200

    af_key: fix info leaks in notify messages

    key_notify_sa_flush() and key_notify_policy_flush() miss to initialize
    the sadb_msg_reserved member of the broadcasted message and thereby
    leak 2 bytes of heap memory to listeners. Fix that.

    Signed-off-by: Mathias Krause <>
    Cc: Steffen Klassert <>
    Cc: "David S. Miller" <>
    Cc: Herbert Xu <>
    Signed-off-by: David S. Miller <>
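
The uninitialized-member pattern the commit message describes, as an added user-space C illustration that is not the kernel's code and not part of the original report. The header layout follows RFC 2367; `fill_flush_notify`, `reserved_as_sent` and the 0xA5 stale bytes are constructed stand-ins for the kernel functions and for old heap contents.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* PF_KEY v2 base message header, layout per RFC 2367 (16 bytes). */
struct sadb_msg {
    uint8_t  sadb_msg_version;
    uint8_t  sadb_msg_type;
    uint8_t  sadb_msg_errno;
    uint8_t  sadb_msg_satype;
    uint16_t sadb_msg_len;       /* length in 64-bit words */
    uint16_t sadb_msg_reserved;  /* the member the fix initializes */
    uint32_t sadb_msg_seq;
    uint32_t sadb_msg_pid;
};

/* init_reserved == 0 reproduces the pattern in the commit message; 1 is the fix. */
static void fill_flush_notify(struct sadb_msg *m, int init_reserved)
{
    m->sadb_msg_version = 2;   /* PF_KEY_V2 */
    m->sadb_msg_type = 9;      /* SADB_FLUSH */
    m->sadb_msg_errno = 0;
    m->sadb_msg_satype = 0;
    m->sadb_msg_len = sizeof(*m) / sizeof(uint64_t);
    m->sadb_msg_seq = 0;
    m->sadb_msg_pid = 0;
    if (init_reserved)
        m->sadb_msg_reserved = 0;
}

/* Return the reserved bytes a listener would read from the message. The
 * 0xA5 fill is constructed stale data standing in for old heap contents. */
uint16_t reserved_as_sent(int init_reserved)
{
    struct sadb_msg *m = malloc(sizeof(*m));
    uint16_t seen;
    if (!m) return 0;
    memset(m, 0xA5, sizeof(*m));
    fill_flush_notify(m, init_reserved);
    seen = m->sadb_msg_reserved;
    free(m);
    return seen;
}

int main(void)
{
    printf("unfixed: 0x%04x fixed: 0x%04x\n", reserved_as_sent(0), reserved_as_sent(1));
    return 0;
}
```

A nonzero `sadb_msg_reserved` in a received notification is the observable sign of the unfixed behaviour; zeroing the whole buffer at allocation would close the same gap for any member added later.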
Comment 1 Tom Wijsman (TomWij) (RETIRED) gentoo-dev 2013-07-03 14:27:06 UTC
Present in 3.10; added to genpatches for 3.9.9, as it is not in stable queue.

r2428 | tomwij | 2013-07-03 16:25:51 +0200 (Wed, 03 Jul 2013) | 1 line

Applied af_key info leak security fix for bug #475604 to 3.9 branch.
Comment 2 Tom Wijsman (TomWij) (RETIRED) gentoo-dev 2013-07-03 14:57:19 UTC
Checked the LTS branches as well now.

r2429 | tomwij | 2013-07-03 16:52:52 +0200 (Wed, 03 Jul 2013) | 1 line

Applied af_key info leak security fix for bug #475604 to branches 3.0, 3.2 and 3.4.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2013-08-30 01:11:00 UTC
CVE-2013-2234 (
  The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in
  net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain
  structure members, which allows local users to obtain sensitive information
  from kernel heap memory by reading a broadcast message from the notify
  interface of an IPSec key_socket.
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-25 15:24:59 UTC
Fix in 3.4.55 onward