Bug 535707 - VUL-1: kernel: af_irda information leak (CVE-2009-3002)
Summary: VUL-1: kernel: af_irda information leak (CVE-2009-3002)
Status: RESOLVED DUPLICATE of bug 534372
Alias: None
Product: openSUSE 11.0
Classification: openSUSE
Component: Kernel (show other bugs)
Version: Final
Hardware: Other Other
: P3 - Medium : Normal (vote)
Target Milestone: ---
Assignee: E-mail List
QA Contact: E-mail List
URL:
Whiteboard: CVE-2009-3002: CVSS v2 Base Score: 4....
Keywords: Chinese_Traditional
Depends on:
Blocks:
 
Reported: 2009-08-31 18:13 UTC by Forgotten User RsG4FBeSEb
Modified: 2009-11-03 10:55 UTC (History)
1 user (show)

See Also:
Found By: Field Engineer
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Forgotten User RsG4FBeSEb 2009-08-31 18:13:23 UTC 
/* 
 * cve-2009-3002.c
 *
 * Linux Kernel < 2.6.31-rc7 AF_IRDA getsockname 29-Byte Stack Disclosure
 * Jon Oberheide <jon@oberheide.org>
 * http://jon.oberheide.org
 * 
 * Information:
 * 
 *   http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3002 
 *
 *   The Linux kernel before 2.6.31-rc7 does not initialize certain data 
 *   structures within getname functions, which allows local users to read 
 *   the contents of some kernel memory locations by calling getsockname 
 *   on ... (2) an AF_IRDA socket, related to the irda_getname function in 
 *   net/irda/af_irda.c.
 *
 * Notes:
 * 
 *   Yet another stack disclosure...although this one is big and contiguous.
 */

I tried this on my desktop, it works. We need to fix this..
Comment 1 Thomas Biege 2009-10-14 02:56:22 UTC 
CVE-2009-3002: CVSS v2 Base Score: 4.9 (AV:L/AC:L/Au:N/C:C/I:N/A:N)
Comment 2 Marcus Meissner 2009-11-03 10:55:07 UTC 
dup

*** This bug has been marked as a duplicate of bug 534372 ***