blob: de49c62b1c4e510a3e04f4051353799395292e10 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: uninitialized kernel stack may lead to information disclosure
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1995570
Notes:
carnil> As of 2021-11-04 no further information yet provided in
carnil> RHBZ#1995570. The description reads as "A memory leak problem
carnil> was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in
carnil> Virtual Function I/O (VFIO) Mediated devices. This flaw could
carnil> allow a local attacker to leak internal kernel information."
carnil> and so relates to changes in samples/vfio-mdev/mbochs.c .
Bugs:
upstream: released (5.15-rc1) [de5494af4815a4c9328536c72741229b7de88e7f]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.14.6-1)
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"
|
