First Last Prev Next    This bug is not in your last search results.
Bug 951626 - (CVE-2015-7884) VUL-0: CVE-2015-7884: kernel: ioctl infoleaks on vivid-osd
(CVE-2015-7884)
VUL-0: CVE-2015-7884: kernel: ioctl infoleaks on vivid-osd
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other openSUSE 13.2
: P3 - Medium : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/158038/
CVSSv2:SUSE:CVE-2015-7884:1.7:(AV:L/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-10-22 15:38 UTC by Andreas Stieger
Modified: 2020-06-17 02:13 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2015-10-22 15:38:01 UTC 
http://seclists.org/oss-sec/2015/q4/115
http://seclists.org/oss-sec/2015/q4/122

http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c

    media/vivid-osd: fix info leak in ioctl

        [media] media/vivid-osd: fix info leak in ioctl
        The vivid_fb_ioctl() code fails to initialize the 16 _reserved bytes of
        struct fb_vblank after the ->hcount member. Add an explicit
        memset(0) before filling the structure to avoid the info leak.


> vivid-osd.c - osd support for testing overlays.
> fails to initialize the 16 _reserved bytes of struct fb_vblank


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7884
http://seclists.org/oss-sec/2015/q4/115
http://seclists.org/oss-sec/2015/q4/122
Comment 1 Andreas Stieger 2015-10-22 15:48:40 UTC 
Code is new in v3.18
Comment 2 Swamp Workflow Management 2015-10-22 22:00:46 UTC 
bugbot adjusting priority
Comment 3 Takashi Iwai 2015-10-23 06:46:31 UTC 
Backported to openSUSE-42.1 and stable branches.
Comment 4 Takashi Iwai 2015-10-23 07:22:09 UTC 
Back to security team.
Comment 5 Bernhard Wiedemann 2015-10-26 12:00:30 UTC 
This is an autogenerated message for OBS integration:
This bug (951626) was mentioned in
https://build.opensuse.org/request/show/340964 Leap:42.1 / kernel-source
Comment 6 Xuanke Han 2015-11-17 05:24:53 UTC 
Does this bug effect on SLES10 SPx and SLES11 SPx?
Comment 7 Takashi Iwai 2015-11-17 06:02:17 UTC 
(In reply to 玄科 韩 from comment #6)
> Does this bug effect on SLES10 SPx and SLES11 SPx?

No.
Comment 8 Swamp Workflow Management 2016-04-12 10:10:58 UTC 
openSUSE-SU-2016:1008-1: An update that solves 15 vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 814440,884701,949936,951440,951542,951626,951638,953527,954018,954404,954405,954876,958439,958463,958504,959709,960561,960563,960710,961263,961500,961509,962257,962866,962977,963746,963765,963767,963931,965125,966137,966179,966259,966437,966684,966693,968018,969356,969582,970845,971125
CVE References: CVE-2015-1339,CVE-2015-7799,CVE-2015-7872,CVE-2015-7884,CVE-2015-8104,CVE-2015-8709,CVE-2015-8767,CVE-2015-8785,CVE-2015-8787,CVE-2015-8812,CVE-2016-0723,CVE-2016-2069,CVE-2016-2184,CVE-2016-2383,CVE-2016-2384
Sources used:
openSUSE Leap 42.1 (src):    kernel-debug-4.1.20-11.1, kernel-default-4.1.20-11.1, kernel-docs-4.1.20-11.3, kernel-ec2-4.1.20-11.1, kernel-obs-build-4.1.20-11.2, kernel-obs-qa-4.1.20-11.1, kernel-obs-qa-xen-4.1.20-11.1, kernel-pae-4.1.20-11.1, kernel-pv-4.1.20-11.1, kernel-source-4.1.20-11.1, kernel-syms-4.1.20-11.1, kernel-vanilla-4.1.20-11.1, kernel-xen-4.1.20-11.1
Comment 9 Marcus Meissner 2016-08-01 12:38:43 UTC 
released
First Last Prev Next    This bug is not in your last search results.