[rds-devel] [PATCH] rds: fix an infoleak in rds6_inc_info_copy

[Santosh Shilimkar]

On 4/4/2019 6:35 AM, Yang Xiao wrote:
> From: Young Xiao <YangX92 at hotmail.com>
> 
> The field "flags" and "tos" of object "minfo6" is not
> initialized. Copying this object out may leak kernel
> stack data. Memset the object to avoid leak.
> 
> This vulnerability is similar to CVE-2016-5244.
> 
> See commit 4116def23379 ("rds: fix an infoleak in
> rds_inc_info_copy") for detail.
> 
> Signed-off-by: Young Xiao <YangX92 at hotmail.com>
> ---
Acked-by: Santosh Shilimkar <santosh.shilimkar at oracle.com>