| |
PE1RRR > LINUX 23.07.21 01:17l 43 Lines 1429 Bytes #999 (0) @ WW
BID : 19398-PE1RRR
Read: GUEST
Subj: native netrom stack potentially compromised kernel
Path: IZ3LSV<I3XTY<I0OJJ<EA2RCF<CX2SA<PE1RRR
Sent: 210723/0011Z @:PE1RRR.#NBW.NLD.EURO #:19398 [Rijen] $:19398-PE1RRR
From: PE1RRR@PE1RRR.#NBW.NLD.EURO
To : LINUX@WW
hello,
just a heads up from a researcher aquaintance-
Hi all,
For anyone who's running a Linux system with kernel 5.x and making use of
Linux's own AX.25 stack, you should be aware of the following:
I've noticed recently that the 5.x Linux kernels are leaking random
fragments of data with sensitive information from shared memory into a
couple of NETROM frame types.
At least the tested 5.4 and 5.10 versions with several distributions seem to
do the same and seem to be affected. After some data/memory capturing and
tracing I didn't notice any other occasion where it happens.
Because the root cause of this might be deep into Linux's kernel source I
won't be supprised and do believe it's not only NETROM leaking that data
from memory but for now it's the only occasion where I've seen it happen.
Because the Linux kernel and its memory management are highly advanced and
complex I ceased chasing a possible root cause in the Linux kernel's source
myself.
On my own setup I've currently downgraded to a 4.19 kernel.
The issue is reported and details are sent to the linux-hams maintainers.
Hope they're picking up the issue and willing to investigate and resolve the
issue soon. If not, I'll climb higher in the tree.
-- Dave van Uden
Not usually able to do this but i look forward to the responses on their
mailing list.
---- notes pe1rrr
73
red
Read previous mail | Read next mail
| |
