Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / b860d3cc62877fad02863e2a08efff69a19382d2
commitb860d3cc62877fad02863e2a08efff69a19382d2[log] [tgz]
authorMathias Krause <minipli@googlemail.com>Sun Apr 07 01:51:55 2013 +0000
committerDavid S. Miller <davem@davemloft.net>Sun Apr 07 16:28:01 2013 -0400
treee654b34c09acf71de2864416e5d13cb3cd0c10f3
parenta5598bd9c087dc0efc250a5221e5d0e6f584ee88 [diff]
l2tp: fix info leak in l2tp_ip6_recvmsg()

The L2TP code for IPv6 fails to initialize the l2tp_conn_id member of
struct sockaddr_l2tpip6 and therefore leaks four bytes kernel stack
in l2tp_ip6_recvmsg() in case msg_name is set.

Initialize l2tp_conn_id with 0 to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
1 file changed
tree: e654b34c09acf71de2864416e5d13cb3cd0c10f3
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS