On Tue, 26 Nov 2013, Ben Hutchings wrote:
> On Tue, 2013-11-26 at 13:58 +0100, David Herrmann wrote:
> > UHID allows short writes so user-space can omit unused fields. We
> > automatically set them to 0 in the kernel. However, the 64/32 bit
> > compat-handler didn't do that in the UHID_CREATE fallback. This will
> > reveal random kernel heap data (of random size, even) to user-space.
> >
> > Reported-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
> > Signed-off-by: David Herrmann <dh.herrmann@xxxxxxxxx>
> > Cc: stable@xxxxxxxxxxxxxxx
>
> Fixes: befde0226a59 ('HID: uhid: make creating devices work on 64/32 systems')
>
> (that should make it clear which versions need the fix)
Thanks a lot, applied with the Fixes: annotation added.
--
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html