Bugzilla – Bug 1192345
VUL-0: CVE-2021-3736: kernel-source-rt,kernel-source,kernel-source-azure: uninitialized kernel stack may lead to information disclosure
Last modified: 2021-12-03 09:09:06 UTC
A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O (VFIO) Mediated devices. This flaw could allow a local attacker to leak internal kernel information.
Technical details are not yet made public; I will monitor it and post updates as soon as possible.
I think the fixing commit should be de5494af4815a4c9328536c72741229b7de88e7f, which in turn addresses 681c1615f8914451cfd432ad30e2f307b6490542.
If my assumption is correct, the branches containing the offending commit are:
which also contains the fixing commit.
@kernel-team: can you also provide your feedback here?
Too little information to judge, but that's the only change seen in the relevant code path, and the description matches with it, so it's very likely the case.
(In reply to Takashi Iwai from comment #3)
> Too little information to judge, but that's the only change seen in the
> relevant code path, and the description matches with it, so it's very likely
> the case.
From RH they agree about the fixing commit.
Wait a minute - this is a fix for code in samples/ which is toy stuff and we have in the three latest branches I checked
# CONFIG_SAMPLES is not set
so why do we even bother with this?
(In reply to Borislav Petkov from comment #5)
> Wait a minute - this is a fix for code in samples/ which is toy stuff and we
> have in the three latest branches I checked
> # CONFIG_SAMPLES is not set
> so why do we even bother with this?
You are right, CONFIG_SAMPLES is not set for both SLES and openSUSE configs. I agree with you and we can close this issue as WONTFIX. Thanks for your feedback.