[patch] farsync: fix info leak in ioctl

by speiro - Oct 14, 2013 - CVE-2014-1444, CVE-2014-1445, security, kernel, infoleak

Summary

CVE: CVE-2014-1444
Author: Salva Peiró
Date: October 2013 - Discovery of the vulnerability.
Impact: The vulnerability discloses 2 bytes of kernel process stack.
Affected Versions: From Linux-2.6.12-rc2 to linux-3.15-rc3
Bug Timespan: 8.5 years: 2005-04-16 to 2013-10-14 commit 1da177e4

InfoLeak Description

The fst_get_iface() code fails to initialize the two padding bytes of struct sync_serial_settings after the ->loopback field. Add an explicit memset(0) before filling the structure to avoid the info leak.
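The padding leak described above, modelled in user space as an added example (not the driver's code or the author's). The struct layout is assumed from the kernel's sync_serial_settings definition; the 0xAA marker, the sample values and the function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout, mirroring the kernel's sync_serial_settings. */
typedef struct {
    unsigned int clock_rate;
    unsigned int clock_type;
    unsigned short loopback;
    /* the compiler adds tail padding here to keep 4-byte alignment */
} sync_serial_settings;

#define STALE 0xAA /* constructed marker standing in for old stack contents */
#define PAD_START (offsetof(sync_serial_settings, loopback) + sizeof(unsigned short))

/* Number of bytes after ->loopback that no member store ever writes. */
size_t padding_size(void)
{
    return sizeof(sync_serial_settings) - PAD_START;
}

/*
 * Model of filling the structure before it is copied to user space.
 * 'out' holds the bytes that copy_to_user() would transmit. Returns how
 * many padding bytes still carry the stale marker.
 */
size_t stale_bytes_copied(int zero_first)
{
    unsigned char out[sizeof(sync_serial_settings)];
    unsigned int rate = 64000, type = 1; /* constructed sample values */
    unsigned short loop = 0;
    size_t i, stale = 0;

    memset(out, STALE, sizeof(out));     /* whatever the stack held before */
    if (zero_first)
        memset(out, 0, sizeof(out));     /* the explicit memset(0) fix */

    /* memcpy at offsetof stands in for the driver's member assignments */
    memcpy(out + offsetof(sync_serial_settings, clock_rate), &rate, sizeof(rate));
    memcpy(out + offsetof(sync_serial_settings, clock_type), &type, sizeof(type));
    memcpy(out + offsetof(sync_serial_settings, loopback), &loop, sizeof(loop));

    for (i = PAD_START; i < sizeof(out); i++)
        if (out[i] == STALE)
            stale++;
    return stale;
}

int main(void)
{
    printf("padding=%zu leaked(no memset)=%zu leaked(memset)=%zu\n",
           padding_size(), stale_bytes_copied(0), stale_bytes_copied(1));
    return 0;
}
```

The same check applies to any structure copied to user space: compare sizeof() against the sum of member sizes, and zero the whole object before filling it when they differ.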

Analysis of the Leak Code

The code of fst_get_iface() is annotated above with the interesting steps:

  • [1] The …