Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / 58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e
commit58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e[log] [tgz]
authorDan Carpenter <dan.carpenter@oracle.com>Tue Sep 24 15:27:45 2013 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>Tue Sep 24 17:00:26 2013 -0700
treeb3420bf07c846d71a4d38802177d2d0b215b6f14
parent627aad1c01da6f881e7f98d71fd928ca0c316b1a [diff]
cciss: fix info leak in cciss_ioctl32_passthru()

The arg64 struct has a hole after ->buf_size which isn't cleared.  Or if
any of the calls to copy_from_user() fail then that would cause an
information leak as well.

This was assigned CVE-2013-2147.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Mike Miller <mike.miller@hp.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 file changed
tree: b3420bf07c846d71a4d38802177d2d0b215b6f14
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS