Multiple memory leaks in OpenVZ kernel 2.6.32 (042stab080.1)
Two memory leaks was discovered in the versions before vzkernel patch 042stab080.2. One memory leak in ploop: The ploop_getdevice_ioc function in drivers/block/ploop/dev.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory. One memory leak in quota: The compat_quotactl function in fs/quota/quota.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable,Description
Two memory leaks was discovered in the versions before vzkernel patch 042stab080.2. One memory leak in ploop: The ploop_getdevice_ioc function in drivers/block/ploop/dev.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory. One memory leak in quota: The compat_quotactl function in fs/quota/quota.c in the vzkernel patch before 042stab080.2 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory. Fixed in the 042stab080.2 – [security/ploop] memory info leak fixed (PSBM-20690) – [security/quota] memory info leak fixed (PSBM-20690) Classification
Location
Local Access Required Attack Type : Information Disclosure, Input Manipulation Version : vzkernel 2.6.32 (Patch 042stab080.1)
Impact
Loss of Confidentiality Solution : Patch / RCS Disclosure : Vendor Verified References
CVE ID
CVE-2013-2239
Changelog
http://wiki.openvz.org/Download/kernel/rhel6-testing/042stab080.2
Credit
Jonathan Salwan (Sysdream Security Lab)
Timeline
- 2013-06-16 : Bugs found 2013-06-19 : Bugs reported 2013-06-28 : Bugs fixed 2013-06-29 : CVE request 2013-07-04 : CVE assigned