--- /dev/null
+From stable-bounces@linux.kernel.org Fri May 26 04:54:47 2006
+Date: Fri, 26 May 2006 13:50:46 +0200
+From: Marcel Holtmann <marcel@holtmann.org>
+To: netdev@vger.kernel.org
+Cc: stable@kernel.org
+Subject: NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343)
+
+It appears that sockaddr_in.sin_zero is not zeroed during
+getsockopt(...SO_ORIGINAL_DST...) operation. This can lead
+to an information leak (CVE-2006-1343).
+
+Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
+Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+---
+
+ net/ipv4/netfilter/ip_conntrack_core.c | 1 +
+ net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+--- linux-2.6.16.18.orig/net/ipv4/netfilter/ip_conntrack_core.c
++++ linux-2.6.16.18/net/ipv4/netfilter/ip_conntrack_core.c
+@@ -1318,6 +1318,7 @@ getorigdst(struct sock *sk, int optval,
+ .tuple.dst.u.tcp.port;
+ sin.sin_addr.s_addr = ct->tuplehash[IP_CT_DIR_ORIGINAL]
+ .tuple.dst.ip;
++ memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
+
+ DEBUGP("SO_ORIGINAL_DST: %u.%u.%u.%u %u\n",
+ NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));
+--- linux-2.6.16.18.orig/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
++++ linux-2.6.16.18/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+@@ -354,6 +354,7 @@ getorigdst(struct sock *sk, int optval,
+ .tuple.dst.u.tcp.port;
+ sin.sin_addr.s_addr = ct->tuplehash[IP_CT_DIR_ORIGINAL]
+ .tuple.dst.u3.ip;
++ memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
+
+ DEBUGP("SO_ORIGINAL_DST: %u.%u.%u.%u %u\n",
+ NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));