The 2 commits that fix CVE-2013-2147 have been merged upstream but
have not been tagged for stable kernels. They seem to be clean
cherry-picks for all the stable kernel trees.
Please consider picking the following commits for all the trees:
commit 627aad1c01da6f881e7f98d71fd928ca0c316b1a
Author: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Date: Tue Sep 24 15:27:44 2013 -0700
cpqarray: fix info leak in ida_locked_ioctl()
The pciinfo struct has a two byte hole after ->dev_fn so stack
information could be leaked to the user.
This was assigned CVE-2013-2147.
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Acked-by: Mike Miller <mike.miller@xxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
commit 58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e
Author: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Date: Tue Sep 24 15:27:45 2013 -0700
cciss: fix info leak in cciss_ioctl32_passthru()
The arg64 struct has a hole after ->buf_size which isn't cleared. Or if
any of the calls to copy_from_user() fail then that would cause an
information leak as well.
This was assigned CVE-2013-2147.
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Acked-by: Mike Miller <mike.miller@xxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Cheers,
--
Luis
Attachment:
signature.asc
Description: PGP signature