Bug 451271 - (CVE-2008-2729) CVE-2008-2729 kernel: [x86_64] The string instruction version didn't zero the output on exception.
CVE-2008-2729 kernel: [x86_64] The string instruction version didn't zero th...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
reported=20080612,public=20060826,sou...
: Security
Depends On: 451272 451273 451274 451275 451276 453137
Blocks:
  Show dependency treegraph
 
Reported: 2008-06-13 13:25 EDT by Jan Lieskovsky
Modified: 2010-12-23 14:06 EST (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-12-23 14:06:40 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2008-06-13 13:25:10 EDT
Description of problem:
=======================

Andi Kleen has provided upstream fix for the following x86_64 arch
related issue:

- Don't zero for __copy_from_user_inatomic following i386.
This will prevent spurious zeros for parallel file system writers when
one does a exception
- The string instruction version didn't zero the output on
exception. Oops.

Version-Release number of selected component (if applicable):
All Linux kernel version prior 2.6.19

How reproducible:
Always
  
Actual results:
The possibility of potentially sensitive data leak.

Expected results:
No sensitive data leak.

Additional info:

Link to upstream commit:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3022d734a54cbd2b65eea9a024564821101b4a9a;hp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff

This issue discovered by Cai Qian in RH in process of RHSA-2008:0508 kernel
QA testing.
Comment 13 Vincent Danen 2010-12-23 14:06:40 EST
This was addressed via:

Red Hat Enterprise Linux version 4 (RHSA-2008:0508)
Red Hat Enterprise Linux version 5 (RHSA-2008:0519)
MRG Realtime for RHEL 5 Server (RHSA-2008:0585)

Note You need to log in before you can comment on or make changes to this bug.