DragonFlyBSD Kernel Audit
← dashboard
DF-0266

Uninitialized inflate window: kernel heap info leak via stale window data

Summary

inflate_blocks_new(:3721) ZALLOC window via kmalloc WITHOUT M_ZERO. inflate_blocks_reset(:3706) resets pointers only, does NOT zero window. DEFLATE back-reference to unwritten window position -> stale heap data emitted as decompressed output. Any windowBits. PPP peer sends compressed frame referencing start-of-stream distance after inflateReset.