This is a note to let you know that I've just added the patch titled
farsync: fix info leak in ioctl
to the 3.11-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
farsync-fix-info-leak-in-ioctl.patch
and it can be found in the queue-3.11 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From c871c477136615360e283471acdb33df95d70470 Mon Sep 17 00:00:00 2001
From: Salva Peiró <speiro@xxxxxxxxxx>
Date: Fri, 11 Oct 2013 12:50:03 +0300
Subject: farsync: fix info leak in ioctl
From: Salva Peiró <speiro@xxxxxxxxxx>
[ Upstream commit 96b340406724d87e4621284ebac5e059d67b2194 ]
The fst_get_iface() code fails to initialize the two padding bytes of
struct sync_serial_settings after the ->loopback member. Add an explicit
memset(0) before filling the structure to avoid the info leak.
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/net/wan/farsync.c | 1 +
1 file changed, 1 insertion(+)
--- a/drivers/net/wan/farsync.c
+++ b/drivers/net/wan/farsync.c
@@ -1972,6 +1972,7 @@ fst_get_iface(struct fst_card_info *card
}
i = port->index;
+ memset(&sync, 0, sizeof(sync));
sync.clock_rate = FST_RDL(card, portConfig[i].lineSpeed);
/* Lucky card and linux use same encoding here */
sync.clock_type = FST_RDB(card, portConfig[i].internalClock) ==
Patches currently in stable-queue which might be from speiro@xxxxxxxxxx are
queue-3.11/wanxl-fix-info-leak-in-ioctl.patch
queue-3.11/farsync-fix-info-leak-in-ioctl.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html