Patch "staging: vc04_services: fix information leak in create_component()" has been added to the 5.15-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Mon, 01 Apr 2024 11:08:53 +0200

This is a note to let you know that I've just added the patch titled

    staging: vc04_services: fix information leak in create_component()

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     staging-vc04_services-fix-information-leak-in-create_component.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From f37e76abd614b68987abc8e5c22d986013349771 Mon Sep 17 00:00:00 2001
From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Date: Wed, 13 Mar 2024 21:07:43 +0300
Subject: staging: vc04_services: fix information leak in create_component()

From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

commit f37e76abd614b68987abc8e5c22d986013349771 upstream.

The m.u.component_create.pid field is for debugging and in the mainline
kernel it's not used anything.  However, it still needs to be set to
something to prevent disclosing uninitialized stack data.  Set it to
zero.

Fixes: 7b3ad5abf027 ("staging: Import the BCM2835 MMAL-based V4L2 camera driver.")
Cc: stable <stable@xxxxxxxxxx>
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Link: https://lore.kernel.org/r/2d972847-9ebd-481b-b6f9-af390f5aabd3@moroto.mountain
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c |    1 +
 1 file changed, 1 insertion(+)

--- a/drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c
+++ b/drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c
@@ -942,6 +942,7 @@ static int create_component(struct vchiq
 	m.u.component_create.client_component = component->client_component;
 	strscpy_pad(m.u.component_create.name, name,
 		    sizeof(m.u.component_create.name));
+	m.u.component_create.pid = 0;
 
 	ret = send_synchronous_mmal_msg(instance, &m,
 					sizeof(m.u.component_create),


Patches currently in stable-queue which might be from dan.carpenter@xxxxxxxxxx are

queue-5.15/media-staging-ipu3-imgu-set-fields-before-media_enti.patch
queue-5.15/staging-vc04_services-changen-strncpy-to-strscpy_pad.patch
queue-5.15/nfsd-fix-double-fget-bug-in-__write_ports_addfd.patch
queue-5.15/staging-vc04_services-fix-information-leak-in-create_component.patch







