android_kernel_zuk_msm8996.git

diff options

author	Peilin Ye <yepeilin.cs@gmail.com>	2020-07-30 15:20:26 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-08-21 10:52:53 +0200
commit	21d2a29f7c1cef6eb15390bca30b6cb509d29d78 (patch)
tree	2e509cdbccc792e25bdf4623e69cfb9176ae32bc /tools/perf/scripts/python/bin
parent	bb4dfb3435708fc15a91a739a295151e34a15686 (diff)

rds: Prevent kernel-infoleak in rds_notify_queue_get()

commit bbc8a99e952226c585ac17477a85ef1194501762 upstream. rds_notify_queue_get() is potentially copying uninitialized kernel stack memory to userspace since the compiler may leave a 4-byte hole at the end of `cmsg`. In 2016 we tried to fix this issue by doing `= { 0 };` on `cmsg`, which unfortunately does not always initialize that 4-byte hole. Fix it by using memset() instead. Cc: stable@vger.kernel.org Fixes: f037590fff30 ("rds: fix a leak of kernel memory") Fixes: bdbe6fbc6a2f ("RDS: recv.c") Suggested-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com> Acked-by: Santosh Shilimkar <santosh.shilimkar@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'tools/perf/scripts/python/bin')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: