Sometimes ax25_getname() doesn't initialize all members of fsa_digipeater field of fsa struct. This structure is then copied to userland. It leads to leaking of contents of kernel stack memory. We have to initialize them to zero. Signed-off-by: Vasiliy Kulikov <segooon@xxxxxxxxx> --- net/ax25/af_ax25.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c index 26eaebf..a324d83 100644 --- a/net/ax25/af_ax25.c +++ b/net/ax25/af_ax25.c @@ -1392,6 +1392,7 @@ static int ax25_getname(struct socket *sock, struct sockaddr *uaddr, ax25_cb *ax25; int err = 0; + memset(&fsa->fsa_digipeater, 0, sizeof(fsa->fsa_digipeater)); lock_sock(sk); ax25 = ax25_sk(sk); -- 1.7.0.4 -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
