blob: aa463650a56ab3f7b7d4368963291f05a0ee4a20 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
|
References:
http://seclists.org/oss-sec/2013/q1/598
Description: information leak in crypto API
Notes:
jmm> This ID is about
jmm> crypto_report_one() does not initialize all field of struct crypto_user_alg. Fix this to fix the heap info leak.
Bugs:
upstream: released (3.9-rc1) [9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6]
2.6.32-upstream-stable: N/A "introduced in 3.2 commit a38f7907b926"
sid: released (3.2.41-1)
2.6.32-squeeze-security: N/A "introduced in 3.2 commit a38f7907b926"
3.2-upstream-stable: released (3.2.41) [crypto-user-fix-info-leaks-in-report-api.patch]
|