Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / kernel / msm / b3e62e35058fc744ac794611f4e79bcd1c5a4b83
commitb3e62e35058fc744ac794611f4e79bcd1c5a4b83[log] [tgz]
authorXiao Guangrong <xiaoguangrong@cn.fujitsu.com>Tue Sep 15 14:44:36 2009 +0800
committerIngo Molnar <mingo@elte.hu>Tue Sep 15 09:53:31 2009 +0200
tree797092fc19f9af8b6e5242c1987137dd362f51bc
parent74fca6a42863ffacaf7ba6f1936a9f228950f657 [diff]
perf_counter: Fix buffer overflow in perf_copy_attr()

If we pass a big size data over perf_counter_open() syscall,
the kernel will copy this data to a small buffer, it will
cause kernel crash.

This bug makes the kernel unsafe and non-root local user can
trigger it.

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Acked-by: Peter Zijlstra <peterz@infradead.org>
Acked-by: Paul Mackerras <paulus@samba.org>
Cc: <stable@kernel.org>
LKML-Reference: <4AAF37D4.5010706@cn.fujitsu.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
1 file changed
tree: 797092fc19f9af8b6e5242c1987137dd362f51bc
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. MAINTAINERS
  28. Makefile
  29. README
  30. REPORTING-BUGS