Re: [stable] fanotify: info leak in copy_event_to_user()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 2013-07-24 at 11:09 +0100, Luis Henriques wrote:
> This fixes CVE-2013-2148 and seems to be a good candidate for stable
> kernels:
> 
> commit de1e0c40aceb9d5bff09c3a3b97b2f1b178af53f
> Author: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> Date:   Mon Jul 8 15:59:40 2013 -0700
> 
>     fanotify: info leak in copy_event_to_user()
>     
>     The ->reserved field isn't cleared so we leak one byte of stack
>     information to userspace.

Queued up for 3.2, thanks.

Ben.

-- 
Ben Hutchings
All extremists should be taken out and shot.

Attachment: signature.asc
Description: This is a digitally signed message part

[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]