On Mon, Jun 03, 2013 at 12:00:49PM +0300, Dan Carpenter wrote:
> The entry struct has a 2 byte hole after ->port and another 4 byte
> hole after ->stats.outpkts. You must have CAP_NET_ADMIN in your
> namespace to hit this information leak.
Hi Dan,
can I verify that it is actually possible to hit this and
thus the patch is a -stable candidate?
>
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
>
> diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
> index df05c1c..e336535 100644
> --- a/net/netfilter/ipvs/ip_vs_ctl.c
> +++ b/net/netfilter/ipvs/ip_vs_ctl.c
> @@ -2542,6 +2542,7 @@ __ip_vs_get_dest_entries(struct net *net, const struct ip_vs_get_dests *get,
> struct ip_vs_dest *dest;
> struct ip_vs_dest_entry entry;
>
> + memset(&entry, 0, sizeof(entry));
> list_for_each_entry(dest, &svc->destinations, n_list) {
> if (count >= get->num_dests)
> break;
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
