OpenVZ kernel 2.6.32 (042stab080.1) Multiple memory leaks

2013.07.04
Credit: Jonathan
Risk: Medium
Local: Yes
Remote: No
CWE: CWE-264


Ogólna skala CVSS: 4.7/10
Znaczenie: 6.9/10
Łatwość wykorzystania: 3.4/10
Wymagany dostęp: Lokalny
Złożoność ataku: Średnia
Autoryzacja: Nie wymagana
Wpływ na poufność: Pełny
Wpływ na integralność: Brak
Wpływ na dostępność: Brak

CVE-2013-2239 - Multiple memory leaks in OpenVZ kernel 2.6.32 (042stab080.1) Description =========== Two memory leaks was discovered in the versions before vzkernel patch 042stab080.2. One memory leak in ploop: The ploop_getdevice_ioc function in drivers/block/ploop/dev.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory. One memory leak in quota: The compat_quotactl function in fs/quota/quota.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory. Fixed in the 042stab080.2 - [security/ploop] memory info leak fixed (PSBM-20690) - [security/quota] memory info leak fixed (PSBM-20690) Classification ============== Location : Local Access Required Attack Type : Information Disclosure, Input Manipulation Version : vzkernel 2.6.32 (Patch 042stab080.1) Impact : Loss of Confidentiality Solution : Patch / RCS Disclosure : Vendor Verified References ========== CVE ID : CVE-2013-2239 Changelog : http://wiki.openvz.org/Download/kernel/rhel6-testing/042stab080.2 Credit : Jonathan Salwan (Sysdream Security Lab) Timeline ======== 2013-06-16 : Bugs found 2013-06-19 : Bugs reported 2013-06-28 : Bugs fixed 2013-06-29 : CVE request 2013-07-04 : CVE assigned Thanks, - -- Jonathan

Referencje:

http://wiki.openvz.org/Download/kernel/rhel6-testing/042stab080.2
http://seclists.org/oss-sec/2013/q3/31


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top