On 22-01-19, 21:25, Fuqian Huang wrote: > Hi, recently I came across some code and it seems to be able to leak > kernel address? > Is the following code cause info leak in the Linux kernel? > The callback function address is printed to debugfs. > The local user could know the kernel object address, and is able to > bypass kASLR. > linux-4.14.90 > drivers/dma/qcom/hidma_dbg.c:46 > function - hidma_ll_chstats Doesnt %p not print kernel addresses anymore, see Documentation/core-api/printk-formats.rst > > The hidma_ll_chstats function in drivers/dma/qcom/hidma_dbg.c in the > Linux kernel 4.14.90 allows local users to obtain sensitive address > information by reading "callback=" lines in a debugfs file. > > Similar to CVE-2018-7754 -- ~Vinod
