624903 – (CVE-2010-2942) CVE-2010-2942 kernel: net sched: fix some kernel memory leaks

Bug 624903 (CVE-2010-2942) - CVE-2010-2942 kernel: net sched: fix some kernel memory leaks

Summary: CVE-2010-2942 kernel: net sched: fix some kernel memory leaks

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2010-2942
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	624637 624638 624904 624906 624907 626315 626316
Blocks:
TreeView+	depends on / blocked

Reported:	2010-08-18 03:52 UTC by Eugene Teo (Security Response)
Modified:	2021-10-19 09:13 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-10-19 09:13:39 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2010:0723	normal	SHIPPED_LIVE	Important: kernel security and bug fix update	2010-09-29 14:53:22 UTC
Red Hat Product Errata	RHSA-2010:0771	normal	SHIPPED_LIVE	Moderate: kernel-rt security and bug fix update	2010-10-14 15:30:14 UTC
Red Hat Product Errata	RHSA-2010:0779	normal	SHIPPED_LIVE	Moderate: kernel security and bug fix update	2010-10-19 18:47:53 UTC

Description Eugene Teo (Security Response) 2010-08-18 03:52:29 UTC

Description of problem:
We leak at least 32bits of kernel memory to user land in tc dump, because we dont init all fields (capab ?) of the dumped structure.

Use C99 initializers so that holes and non explicit fields are zeroed.

http://patchwork.ozlabs.org/patch/61857/

Comment 3 Jiri Pirko 2010-08-19 06:14:31 UTC

upstream commit:

http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=1c40be12f7d8ca1d387510d39787b12e512a7ce8

Comment 5 Eugene Teo (Security Response) 2010-08-23 07:39:42 UTC

Statement:

This issue did not affect the version of Linux kernel as shipped with Red Hat
Enterprise Linux 3 as it did not include upstream commit be84c7f6 (history repository) that introduced the problem. A future kernel update in Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG will address this issue.

Comment 6 errata-xmlrpc 2010-09-29 14:54:07 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2010:0723 https://rhn.redhat.com/errata/RHSA-2010-0723.html

Comment 7 errata-xmlrpc 2010-10-14 15:30:24 UTC

This issue has been addressed in following products:

  MRG for RHEL-5

Via RHSA-2010:0771 https://rhn.redhat.com/errata/RHSA-2010-0771.html

Comment 8 errata-xmlrpc 2010-10-19 18:48:01 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2010:0779 https://rhn.redhat.com/errata/RHSA-2010-0779.html

Note You need to log in before you can comment on or make changes to this bug.