Re: [PATCH v2] HID: uhid: fix leak for 64/32 UHID_CREATE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 26 Nov 2013, Ben Hutchings wrote:

> On Tue, 2013-11-26 at 13:58 +0100, David Herrmann wrote:
> > UHID allows short writes so user-space can omit unused fields. We
> > automatically set them to 0 in the kernel. However, the 64/32 bit
> > compat-handler didn't do that in the UHID_CREATE fallback. This will
> > reveal random kernel heap data (of random size, even) to user-space.
> > 
> > Reported-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
> > Signed-off-by: David Herrmann <dh.herrmann@xxxxxxxxx>
> > Cc: stable@xxxxxxxxxxxxxxx
> 
> Fixes: befde0226a59 ('HID: uhid: make creating devices work on 64/32 systems')
> 
> (that should make it clear which versions need the fix)

Thanks a lot, applied with the Fixes: annotation added.

-- 
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]