Bug 1333320 - kernel: Information leak in wilc1000 module
Summary: kernel: Information leak in wilc1000 module
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1333321
Blocks: 1332934
TreeView+ depends on / blocked
 
Reported: 2016-05-05 09:39 UTC by Adam Mariš
Modified: 2021-02-17 03:55 UTC (History)
33 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-05-30 14:56:09 UTC
Embargoed:

Attachments (Terms of Use)

Description Adam Mariš 2016-05-05 09:39:08 UTC 
An information leak vulnerability in wilc1000 module from staging portion of kernel tree was found in drivers/staging/wilc1000/wilc_wfi_cfgoperations.c. The 6-bytes stack object “mac” is not initialized but leaked via “nla_put”. This bug may result in leaks of sensitive kernel stack data.

public via:
https://www.spinics.net/lists/linux-wireless/msg150352.html

cve request and nack:
http://seclists.org/oss-sec/2016/q2/225
http://seclists.org/oss-sec/2016/q2/226

upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d13829686bba3e06e2217f044beb8fd5a9abf792
Comment 1 Adam Mariš 2016-05-05 09:40:15 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1333321]
Comment 2 Josh Boyer 2016-05-05 12:40:39 UTC 
(In reply to Adam Mariš from comment #1)
> Created kernel tracking bugs for this issue:
> 
> Affects: fedora-all [bug 1333321]

Fedora doesn't build this module.  It should not be affected.
Comment 4 Vladis Dronov 2016-05-30 14:56:09 UTC 
Statement:

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2, as the code affected is in staging status and is not built with these products.
Note You need to log in before you can comment on or make changes to this bug.